Handle <Add> and <Replace> for Windows configuration profiles

[marko-lisica]

• @marko-lisica: User requested this because they want to edit Windows configuration profiles that use <Add> verb (e.g. WiFi profile that first must be added to the host with <Add> and if it's resent or updated it won't work, because if it's already set with <Add> on the host it must be edited with <Replace> verb.
  • @marko-lisica: In the interim use one configuration profile to initially <Add> setting to the hosts that don't have it already, and use another profile to edit setting with <Replace> verb. This is a complex workflow to enforce WiFi settings, where a user needs to find which hosts already have settings applied so they can use <Add> or <Replace> accordingly. They might create a label for this (write a query to find a hosts that already have WiFI setting applied).
  • @marko-lisica: Eventually We could build feature to recognize if host has a setting applied and use appropriate verb (<Add> or <Replace>. MDM protocol returns status code 418 when setting is already applied, so that could be a signal to replace verb to <Replace> automatically by Fleet.
• @marko-lisica: There are 2 bugs that are related to this feature request - #24394 & #25030
• @georgekarrv: IT admin will see a "Failed" profile in these scenarios:
  • GitOps: GitOps redelivers profiles, any “Add” profile will be failed on any host that has received it (even by other MDM solution in the past)
  • UI/API: After resending the profile
  • UI/API: After replacing the profile (delete and re-add)

---

User stories

• #27539

[georgekarrv]

@noahtalerman heads up this will start being a large pain point with some of the bugs we are targeting fixing this release. (might want to fix it sooner rather than later)

[nonpunctual]

@noahtalerman @marko-lisica This looks like an engineering-initiated ticket. Does it need Gong snippets? I would like to bump this again for customer-preston. Thanks.

[noahtalerman]

@nonpunctual yes please add a Gong snippet!