-
Notifications
You must be signed in to change notification settings - Fork 179
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deploy Elastic Defend with MDM #5749
Conversation
A documentation preview will be available soon. Request a new doc build by commenting
If your PR continues to fail for an unknown reason, the doc build pipeline may be broken. Elastic employees can check the pipeline status here. |
🚀 Built elastic-dot-co-docs-preview-docs successfully!
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall, these new pages look great and are super helpful! My suggestions for the ESS content also apply to the Serverless content, and ofc feel free to reject anything that you disgree with.
On a sidenote, I wonder how often we'll need to update the "Deploy Elastic Defend on macOS with mobile device management" page. Unless we conduct regular audits, it'll be difficult to know if/when the instructions become outdated.
Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
Note to self: after all suggestions are applied to ESS docs, make the same changes in serverless. |
Another very important thing to document for our Enterprise customer is Managed Login Items. It prevents admins on macOS Ventura (and up) from disabling Agent via System Settings → General → Login Items. Apple makes it easy to turn it off: Above is how our Elastic Macs are set up, it can't be toggled in the GUI. I've been pulled into a couple SDHs about this and have really been hoping it'd be documented and these easily solved SDHs would be deflected. I've documented Managed Login Items back on Jan 22, 2024 here with Jamf screenshots and again the same issue here with platform agnostic iMazing Profile Editor… and even back in January 31, 2023 here. Note: A Managed Login Item config profile should never be deployed to macOS v11 (Big Sur) and under, macOS won't process it even after an upgrade to Ventura (v12) and up. So it won't be applied. @caitlinbetz this was that new thing I was mentioning in the interview that might benefit from having a separate script here |
Hi @brunerd, this is great feedback, thank you! One quick question about the FDA entries: we noticed in your screenshot that the third entry is for |
@natasha-moore-elastic omg good catch, I've edited my above entry to reflect your catch - sorry, my afternoon/serial-processing brain saw the v7 entry and just stopped there… missing the fact that |
All good, thanks for clarifying! I'll make the edits to update the incorrect/outdated info. Your other feedback (re the python script and Managed Login items) is super useful but will likely take more time & investigation/writing effort, so we're planning to work on that separately to avoid delays in merging this PR. I've spun off new docs tickets (#5792 and #5793) to track that work and we'll aim to prioritize it for the next couple of sprints, since it looks like a lot of customers could benefit from it. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🎸 🤘 🔥
* Deploy Elastic Defend with MDM (ESS) * Deploy Elastic Defend with MDM (serverless) * Adds full stop * Apply suggestions from code review Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> * Update docs/management/admin/deploy-with-mdm.asciidoc Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> * Apply Nastasha's suggestion * Applies review suggestions * Applies feedback * Update docs/serverless/edr-install-config/deploy-with-mdm.mdx * Changes inline monospace to code block * Updates outdated info --------- Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> (cherry picked from commit d2ef5bf) # Conflicts: # docs/serverless/serverless-security.docnav.json # docs/serverless/troubleshooting/troubleshoot-endpoints.mdx
* Deploy Elastic Defend with MDM (ESS) * Deploy Elastic Defend with MDM (serverless) * Adds full stop * Apply suggestions from code review Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> * Update docs/management/admin/deploy-with-mdm.asciidoc Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> * Apply Nastasha's suggestion * Applies review suggestions * Applies feedback * Update docs/serverless/edr-install-config/deploy-with-mdm.mdx * Changes inline monospace to code block * Updates outdated info --------- Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> (cherry picked from commit d2ef5bf) # Conflicts: # docs/serverless/serverless-security.docnav.json # docs/serverless/troubleshooting/troubleshoot-endpoints.mdx
* Deploy Elastic Defend with MDM (#5749) * Deploy Elastic Defend with MDM (ESS) * Deploy Elastic Defend with MDM (serverless) * Adds full stop * Apply suggestions from code review Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> * Update docs/management/admin/deploy-with-mdm.asciidoc Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> * Apply Nastasha's suggestion * Applies review suggestions * Applies feedback * Update docs/serverless/edr-install-config/deploy-with-mdm.mdx * Changes inline monospace to code block * Updates outdated info --------- Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> (cherry picked from commit d2ef5bf) # Conflicts: # docs/serverless/serverless-security.docnav.json # docs/serverless/troubleshooting/troubleshoot-endpoints.mdx * Delete docs/serverless directory and its contents --------- Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
* Deploy Elastic Defend with MDM (#5749) * Deploy Elastic Defend with MDM (ESS) * Deploy Elastic Defend with MDM (serverless) * Adds full stop * Apply suggestions from code review Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> * Update docs/management/admin/deploy-with-mdm.asciidoc Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> * Apply Nastasha's suggestion * Applies review suggestions * Applies feedback * Update docs/serverless/edr-install-config/deploy-with-mdm.mdx * Changes inline monospace to code block * Updates outdated info --------- Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> (cherry picked from commit d2ef5bf) # Conflicts: # docs/serverless/serverless-security.docnav.json # docs/serverless/troubleshooting/troubleshoot-endpoints.mdx * Delete docs/serverless directory and its contents --------- Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Resolves #3265.
Adds a new page "Deploy Elastic Defend on macOS with mobile device management" to the Install Elastic Defend section.
Adds a new troubleshooting section for Elastic Defend deployment issues to the Troubleshoot Elastic Defend page.
Previews