mirror of
https://github.com/fleetdm/fleet
synced 2026-04-21 21:47:20 +00:00
This pull request introduces several updates to the configuration for the Workstations team, primarily to support conditional access testing, enhance device management, and expand policy coverage. The changes include enabling conditional access, adding new configuration profiles and scripts, and updating policies and software deployments. **Conditional Access and Device Management Enhancements:** - Enabled conditional access for the Workstations team by setting `conditional_access_enabled: true` in the integrations section. - Added new configuration profiles for conditional access and Santa (macOS security tool), targeting specific test groups via labels. [[1]](diffhunk://#diff-96f80858f5a487334ae6014cddaa65d1bb79d7e85fa0ea596d1e49063f5b99bdR49-R51) [[2]](diffhunk://#diff-96f80858f5a487334ae6014cddaa65d1bb79d7e85fa0ea596d1e49063f5b99bdR72-R83) - Included new scripts to support conditional access and device security, such as creating allow files, installing/uninstalling security tools, and enabling Windows Defender. **Policy and Query Expansion:** - Introduced new policies to check for Company Portal installation and Entra conditional access compliance. - Added a query to collect Santa denied logs for improved security monitoring. **Software Deployment Updates:** - Added Company Portal for macOS as a self-service app for the "Conditional access test group". - Minor formatting update for the Keynote app store ID. **Other Notable Changes:** - Removed the "💻🐣 Workstations (canary)" entry from the organization settings, streamlining team categorization. - Cleaned up comments related to update channels in agent options for clarity. |
||
|---|---|---|
| .. | ||
| agent-options | ||
| icons | ||
| labels | ||
| queries | ||