Changes
-
Upgraded Go version to 1.19.10.
-
Added support for ChromeOS devices.
-
Added instructions to inform users how to add ChromeOS hosts.
-
Added ChromeOS details to the dashboard, manage hosts, and host details pages.
-
Added ability for users to create policies that target ChromeOS.
-
Added built-in label for ChromeOS.
-
Added query to fill in
device_mapping
from ChromeOS hosts. -
Improved the performance of live query results rendering to address usability issues when querying tens of thousands of hosts.
-
Reduced size of live query websocket message by removing unused host data.
-
Added the
POST /fleet/mdm/apple/profiles/preassign
endpoint to store profiles to be assigned to a host for subsequent matching with an existing (or new) team. -
Added the
POST /fleet/mdm/apple/profiles/match
endpoint to match pre-assigned profiles to an existing team or create one if needed, and assign the host to that team. -
Updated
GET /mdm/apple/profiles
endpoint to return empty array instead of null if no profiles are found. -
Improved ingestion of MDM devices from ABM:
- If a device's operation_type is
modified
, but the device doesn't exist in Fleet yet, a DEP profile will be assigned to the device and a new record will be created in Fleet. - If a device's operation_type is
deleted
, the device won't be prompted to migrate to Fleet if the feature has been configured.
- If a device's operation_type is
-
Added "Verified" profile status for profiles verified with osquery.
-
Added "Action required" status for disk encryption profile in UI for host details and device user pages.
-
Added UI for the end user authentication page for MDM macos setup.
-
Added new host detail query to verify MDM profiles and updated API to include verified status.
-
Added documentation in the guide for
fleetctl get mdm-commands
. -
Moved post-DEP (automatic) MDM enrollment to a worker job for increased resiliency with retries.
-
Added better UI error for manual enroll MDM modal.
-
Updated
GET /api/_version_/fleet/config
to now omits fieldssmtp_settings
andsso_settings
if not set. -
Added a response payload to the
POST /api/latest/fleet/spec/teams
contributor API endpoint so that it returns an object with ateam_ids_by_name
key which maps team names with their corresponding id. -
Ensure we send post-enrollment commands to MDM devices that are re-enrolling after being wiped.
-
Added error message to UI when Redis disconnects during a live query session.
-
Optimized query used for listing activities on the dashboard.
-
Added ability for users to delete multiple pages of hosts.
-
Added ability to deselect label filter on host table.
-
Added support for value
null
onFLEET_JIT_USER_ROLE_GLOBAL
andFLEET_JIT_USER_ROLE_TEAM_*
SAML attributes. Fleet will accept and ignore suchnull
attributes. -
Deprecate
enable_jit_role_sync
setting and only change role for existing users if role attributes are set in theSAMLResponse
. -
Improved styling in sandbox mode.
-
Patched a potential security issue.
-
Improved icon clarity.
-
Fixed issues with the MDM migration flow.
-
Fixed a bug with applying team specs via
fleetctl apply
and updating a team via thePATCH /api/latest/fleet/mdm/teams/{id}
endpoint so that the MDM updates settings (minimum_version
anddeadline
) are not cleared if not provided in the payload. -
Fixed table formatting for the output of
fleetctl get mdm-command-results
. -
Fixed the
/api/latest/fleet/mdm/apple_bm
endpoint so that it returns 400 instead of 500 when it fails to authenticate with Apple's Business Manager API, as this indicates a Fleet configuration issue with the Apple BM certificate or token. -
Fixed a bug that would show MDM URLs for the same server as different servers if they contain query parameters.
-
Fixed an issue preventing a user with the
gitops
role from applying some MDM settings viafleetctl apply
(themacos_setup_assistant
andbootstrap_package
settings). -
Fixed
GET /api/v1/fleet/spec/labels/{name}
endpoint so that it now includes the label id. -
Fixed Observer/Observer+ role being able to see team secrets.
-
Fixed UI bug where
inherited_page=0
was incorrectly added to some URLs. -
Fixed misaligned icons in UI.
-
Fixed tab misalignment caused by new font.
-
Fixed dashed line styling on multiline activities.
-
Fixed a bug in the users table where users that are observer+ for all of more than one team were listed as "Various roles".
-
Fixed 500 error being returned if SSO session is not found.
-
Fixed issue with
chrome_extensions
virtual table not returning a path value onfleetd-chrome
, which was breaking software ingestion. -
Fixed bug with page navigation inside 'My Device' page.
-
Fixed a styling bug in the add hosts modal in sandbox mode.
Upgrading
Please visit our update guide for upgrade instructions.
Documentation
Documentation for Fleet is available at fleetdm.com/docs.
Binary Checksum
SHA256
1cb200bf823f4b4289360cda0d19bb19c6e2ee0e4672471366b5bd10f826bc03 fleetctl_v4.33.0_macos.tar.gz
38fba86d16b314d12c22793917092fedd500037b87fbbd305031470d88dc99b4 fleet_v4.33.0_linux.tar.gz
85f665b67cbfb6dd7db86e4d7ba35f10043b49a10804d4cd9e6075ea32db8fa8 fleetctl_v4.33.0_linux.zip
a2eacd04dc430cffb1e3d30c5bfbd3d9374dcd7a2e4cc1294e177a75d6595ddf fleetctl_v4.33.0_windows.zip
b8d55372d8ffb29f91a742de2cb858a71ef76e05e2b71587fe824b5af154b8dc fleetctl_v4.33.0_windows.tar.gz
d3ee828910273d33ae01a3a198e11d5248834d9fa99b4d05360deb32464fc99f fleetctl_v4.33.0_linux.tar.gz
e347ea63bdbd859ebd784e921ffff1c7437939524527dcf9d35f133f5b9c6acf fleetctl_v4.33.0_macos.zip