fleet
fleet copied to clipboard
fleetdm
Config less Windows END_USER_EMAIL support
Fleet version: <!-- Copy this from the "My account" page in the Fleet UI, or run fleetctl --version -->
Fleet 4.50.0 (dogfood rc-snapshot)
Web browser and operating system:
current browser, Windows 11 VM 23H2
💥 Actual behavior
This might not be a supported workflow or possibly holding the tool incorrectly. Is also experimental. Following https://fleetdm.com/guides/config-less-fleetd-agent-deployment and https://github.com/fleetdm/fleet/blob/825e78582119242b713a9ce2a4fa5b162982fd4b/cmd/fleetctl/package.go#L236C28-L236C51
thinking could supply FLEETCTL_END_USER_EMAIL and install.
msiexec /i fleetd-base.msi FLEET_URL="https://dogfood.fleetdm.com/" FLEET_SECRET="oursupersecretenroll" FLEETCTL_END_USER_EMAIL="[email protected]" also tried with ORBIT_END_USER_EMAIL="[email protected]" found in orbit https://github.com/fleetdm/fleet/blob/2e8da551d04aaf0305087f4c1871f9def1ce94fa/orbit/cmd/orbit/orbit.go#L190
Fleetd installs fine and even Windows MDM enrollment is good, but does not look like the end user email is passed on.
> curl -LSs -H 'Authorization: Bearer token' -H 'Content-Type:application/json' 'https://dogfood.fleetdm.com/api/v1/fleet/hosts/1001/device_mapping'
{
"host_id": 1001,
"device_mapping": null
}
Again, not sure if this flow was supported or designed only for during package build. Is possible this is more of a feature request.
🧑💻 Steps to reproduce
- Fresh windows VM started up, making sure removed host from dogfood
- install the fleetd-base.msi with msiexec passing envvar
- enrolls in Fleet fine but does not seem to pass
FLEETCTL_END_USER_EMAILorORBIT_END_USER_EMAIL
🕯️ More info (optional)
This would help with workflows on Windows by supplying the fleetd package and then installing with a command that could pass, instead of having to build individual fleetd packages for each "email mapping".
