Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

Hi all! Is there a way to distribute the orbit agent using Jamf/any other MDM with bash script? How would you go about user authentication during silent deployment? I am building an osquery agent (not orbit) with user authentication and saw the Fleetdm agent can be distributed quickly with MDM...Maybe someone has a hint how this can be achieved? I'd like to pass somewhere the company registration key and user id to be able to understand who exactly has installed the agent and sync the compliance data

Hi <@U029MTGNA07>! You can definitely deploy the package using your current MDM solution. Jamf (and others) tend to complain if you don't provide a signed package, but we've actually got a signed base package that you can <https://download.fleetdm.com/stable/fleetd-base.pkg|download>  and then configure using an <https://fleetdm.com/guides/config-less-fleetd-agent-deployment#for-macos|MDM profile>.

The end-user authentication flow does not trigger during a silent migration, only when a host automatically enrolls during the MacOS setup flow.

Thanks Kathy! I saw some compliance providers do it with their osquery agents - they push user id and company registration key (like company ID) into bash script for roll out and somehow they are supposed to be registered to users without users needing to authenticate. Have you ever tried this?