Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

image.png

Even more windows mdm fun! I'm trying to apply custom OS profiles, using an example from fleet repo (windows-screen-lock.xml) - or, my own example to install a Root CA.
The profiles seem to apply successfully (password complexity rules are set, I can see the root CA), but Fleet can't verify them - the host info is still showing 'verifying'.

Local Host osqueryd logs:

```E1113 17:59:31.023507 12152 distributed.cpp:187] Error executing distributed query: fleet_detail_query_mdm_config_profiles_windows: error generating table: mdm command execution: there was an error calling ApplyLocalManagementSyncML(): (0x%!X(&lt;nil&gt;))%!(EXTRA uintptr=2147942450) 
E1113 17:59:32.893906 12152 utils.cpp:572] Failed to read the following manifest.json file: C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\resources\edge_suppress_consent_prompt\manifest.json. The extension was referenced by the following profile: C:\Users\JesseFaden\AppData\Local\Microsoft\Edge\User Data\Default```

Are you running the latest version of fleet and osquery?

Is there a way to check the Windows Event Logs for any mdm related errors?

Hey <@U080A2XH61W>, a few others have reported this behavior and there is a bug filed for it. Here's the link to the issue for tracking: <https://github.com/fleetdm/fleet/issues/23599>

<@U01T0F0MH0V>yes, the latest fleet (4.59.0) and osquery that was produced by running `fleetctl package`

<@U074CDF5TNZ> not sure  it's the same issue - for us, the host stays in _verifying_ forever. But happy to add details to the bug.