Skip to content

Self host fleetd base URL #48060

Description

@William-TecNQ
User story
As an IT Admin,
I want to host fleetd locally
so that I can ensure MacOS host enrollments are successful in a network behind a proxy.

Currently, MacOS host enrollments (Along with other various parts of the codebase) depend on outbound network access to fetch the fleetd-base-manifest.plist file, which works well a large majority of the time.

However, if the enrollment is happening in a network behind a proxy requiring user authentication, Setup Assistant never progresses & fleetd is never installed. This is because the request for the fleetd-base-manifest.plist is never resolved, and a DeviceConfigured command is never sent to the host.

In the same vein, in a locked down network where only a limited amount of outbound domains are reachable by end users, and only when strictly necessary (e.g Apple for device activation), this same issue would occur.

Screenshots and/or screen recording

I suggest a configurable base URL which is used when hosts are requesting the fleetd package manifest or metadata

Example: fleetd base URL with only the domain

Image

Example: fleetd base URL with a sub-directory

Image

Example tooltip

Image

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions