https://github.com/osquery/osquery logo
Title
m

Martin Langhoff

12/17/2020, 6:07 PM
What is the distinction (and interaction?) between User Owned and Private? They seem to be self-standing booleans each of them. • Also - Does
User Owned
affect functionality today? How?
t

terracatta

12/17/2020, 6:08 PM
The only thing important to note about a user-owned device in terms of functionality difference is that you can re-assign the owner. They are permanently assigned during the enrollment process
This is important for upcoming MDM functionality that requires end-user consent
so that you just don't assign the device to yourself and then grant the consent
The Private Device designation was created for devices you wish to enroll but want to ensure their registered user that you don't have a full level of visibility into the device, only the passing/failing status of checks.
When a device is private only limited information about it is displayed, and it not queryable in Live Query or Log Pipeline
A user-owned device can also be private.
An organization owned device can be private as well
m

Martin Langhoff

12/17/2020, 6:14 PM
great info! can Kolide still run full diagnostics on a private device? (policy compliance)
t

terracatta

12/17/2020, 6:16 PM
Yes
we still collect all the information needed to run the entire suite of Checks
m

Martin Langhoff

12/17/2020, 6:31 PM
fantastic thank you!