Hello all,We are exploring solutions to allow some of our end users to
have a local VM (on their daily Mac) that allows them almost full
control. The key things we need are:User cannot copy and paste, or file
transfer directly between the VM and thei...
Hello all,We are deploying out Microsoft Defender for Endpoint.
Everything is going well except for setting up Device Control.I have
everything configured using the custom schema at mdatp-xplat/schema.json
at master · microsoft/mdatp-xplat (github.co...
So I'm trying to play in the sandbox that Apple and Jamf seem to want us
to be in and I am pushing out as much as I can through configuration
profiles for the user experience in our labs.I have unique docks built
out for each of the different labs wi...
I have managed to get it working with only the most minor tinkering of
their JSON examples. Any time I tried to get it more to exactly what I
would need, it would not deploy as a device control policy to the
endpoint. However, as I need to potentiall...
I do have that baked in. It is using Microsoft's Schema, the section for
Device Control requires a JSON string. I think my JSON is wrong since
further troubleshooting with mdatp device-control policy rules list is
showing as empty.I see they have som...
As Tribruin mentioned, it is also there on Intel Macs with the T2
security chip.A work around for testing older Intel Macs can be to open
Terminal before enrollment in setup assistant and press ⌃ Control + ⌥
Option + ⌘ Command + T and then type tmuti...
Fair enough. I ended up going with a saved inventory search for
basically that reason as I remembered the issue we had when we used to
try and parse updates based off naming and group membership. The
inventory search did get me everything I needed th...
I know this is a bit old, but once you have each Smart Group set up,
couldn't you have another Smart Group or search that excludes all of
those Smart Groups? Trying to solve the same issue myself and this does
seem to be heading the right direction. ...