Closed lukeheath closed 11 months ago
@georgekarrv I removed the product label to take it off the board. We're gonna make a subtask of #11952.
@georgekarrv do we still need this for programmatic enrollment to work? My guess is no if programmatic enrollment works as expected.
Closing this as it's mostly a duplicate of #11952
Windows MDM enrolled, Secure in the cloud city, Fleet stands strong, controlled.
Goal
As a developer, I aim to support Windows Devices enrollment by implementing the MS-MDE2 protocol specification in the Fleet server. Initially, only the 'On-Premise' auth type should be supported. A sample proof of concept (PoC) with an MS-MDE2 implementation is available here. Example protocol exchange here and here.
IDiscoveryService
endpoint here.Certificate Enrollment Policy
endpoint hereRequestSecurityToken
endpoint here.Tasks
Context
There is no NanoMDM equivalent for Windows, so there is some technical foundation work required to begin implementing Windows MDM features.
QA
Risk assessment
Risk level: Low / High TODO
Risk description: TODO
Automated:
Manual testing steps
Testing notes
Confirmation