manage_intune_macos_compliance
Assess macOS device compliance, generate policy adherence reports, and manage security posture for Intune-managed devices.
Instructions
Assess macOS device compliance status and generate reports on policy adherence and security posture.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| action | Yes | Intune macOS compliance action | |
| deviceId | No | Device ID for compliance assessment | |
| complianceType | No | Type of compliance check | |
| policies | No | Specific policy IDs to assess | |
Implementation Reference
- The core handler function executing the tool logic for managing Intune macOS compliance. It supports the actions `get_status`, `get_details`, `update_policy`, and `force_evaluation`. The first two only read from Microsoft Graph; `update_policy` issues a PATCH and `force_evaluation` issues two POST requests.

  ```typescript
  // Intune macOS Compliance Monitoring Handler
  // Imports required by this excerpt
  import { Client } from '@microsoft/microsoft-graph-client';
  import { McpError, ErrorCode } from '@modelcontextprotocol/sdk/types.js';
  import { IntuneMacOSComplianceArgs } from '../types/intune-types.js';

  export async function handleIntuneMacOSCompliance(
    graphClient: Client,
    args: IntuneMacOSComplianceArgs
  ): Promise<{ content: { type: string; text: string }[] }> {
    let apiPath = '';
    let result: any;

    switch (args.action) {
      case 'get_status':
        if (args.deviceId) {
          // Get compliance status for specific device
          // (IDs are URL-encoded so they cannot alter the request path)
          apiPath = `/deviceManagement/managedDevices/${encodeURIComponent(args.deviceId)}/deviceCompliancePolicyStates`;
        } else {
          // Get overall compliance status for macOS devices
          apiPath = '/deviceManagement/deviceCompliancePolicyDeviceStateSummary';
          apiPath += `?$filter=platformType eq 'macOS'`;
        }
        result = await graphClient.api(apiPath).get();
        break;

      case 'get_details': {
        if (!args.deviceId) {
          throw new McpError(ErrorCode.InvalidParams, 'deviceId is required for get_details action');
        }
        // Get detailed compliance information for device
        apiPath = `/deviceManagement/managedDevices/${encodeURIComponent(args.deviceId)}/deviceCompliancePolicyStates`;
        const complianceStates = await graphClient.api(apiPath).get();

        // Get device configuration states
        const configApiPath = `/deviceManagement/managedDevices/${encodeURIComponent(args.deviceId)}/deviceConfigurationStates`;
        const configStates = await graphClient.api(configApiPath).get();

        result = {
          deviceId: args.deviceId,
          compliancePolicyStates: complianceStates,
          configurationStates: configStates
        };
        break;
      }

      case 'update_policy': {
        if (!args.policyId) {
          throw new McpError(ErrorCode.InvalidParams, 'policyId is required for update_policy action');
        }
        // Write operation: PATCH the compliance policy
        apiPath = `/deviceManagement/deviceCompliancePolicies/${encodeURIComponent(args.policyId)}`;
        const updatePayload = {
          passwordRequired: args.complianceData?.passwordCompliant,
          storageRequireEncryption: args.complianceData?.encryptionCompliant,
          systemIntegrityProtectionEnabled: args.complianceData?.systemIntegrityCompliant,
          firewallEnabled: args.complianceData?.firewallCompliant
        };
        result = await graphClient.api(apiPath).patch(updatePayload);
        break;
      }

      case 'force_evaluation': {
        if (!args.deviceId) {
          throw new McpError(ErrorCode.InvalidParams, 'deviceId is required for force_evaluation action');
        }
        // Trigger compliance evaluation on device
        apiPath = `/deviceManagement/managedDevices/${encodeURIComponent(args.deviceId)}/syncDevice`;
        await graphClient.api(apiPath).post({});

        // Also trigger compliance policy evaluation
        const evalApiPath = `/deviceManagement/managedDevices/${encodeURIComponent(args.deviceId)}/triggerConfigurationManagerAction`;
        await graphClient.api(evalApiPath).post({
          action: { actionType: 'evaluateCompliance' }
        });

        result = { message: 'Compliance evaluation triggered successfully' };
        break;
      }

      default:
        throw new McpError(ErrorCode.InvalidParams, `Invalid action: ${args.action}`);
    }

    return {
      content: [{ type: 'text', text: JSON.stringify(result, null, 2) }]
    };
  }
  ```
- src/types/intune-types.ts:363-377 (schema) TypeScript interface defining the input parameters (`IntuneMacOSComplianceArgs`) for the compliance handler, used for type checking and validation. The interface exposes `policyId` and `complianceData`, which the Input Schema table above does not list, and it has no `complianceType` or `policies` field.

  ```typescript
  export interface IntuneMacOSComplianceArgs {
    action: 'get_status' | 'get_details' | 'update_policy' | 'force_evaluation';
    deviceId?: string;
    policyId?: string;
    complianceData?: {
      passwordCompliant?: boolean;
      encryptionCompliant?: boolean;
      osVersionCompliant?: boolean;
      threatProtectionCompliant?: boolean;
      systemIntegrityCompliant?: boolean;
      firewallCompliant?: boolean;
      gatekeeperCompliant?: boolean;
      jailbrokenCompliant?: boolean;
    };
  }
  ```
- src/handlers.ts:32-44 (registration) Imports the `handleIntuneMacOSCompliance` handler and its argument type into the main handlers module, enabling tool registration and dispatching.

  ```typescript
  // Import Intune macOS handlers and types
  import {
    handleIntuneMacOSDevices,
    handleIntuneMacOSPolicies,
    handleIntuneMacOSApps,
    handleIntuneMacOSCompliance
  } from './handlers/intune-macos-handler.js';
  import {
    IntuneMacOSDeviceArgs,
    IntuneMacOSPolicyArgs,
    IntuneMacOSAppArgs,
    IntuneMacOSComplianceArgs
  } from './types/intune-types.js';
  ```
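- src/tool-metadata.ts:142-145 (helper) Tool metadata providing description, title, and annotations (read-only, idempotent) for the `manage_intune_macos_compliance` tool. The `readOnlyHint: true` and `idempotentHint: true` annotations match only the `get_status` and `get_details` actions; the handler's `update_policy` and `force_evaluation` actions send PATCH and POST requests, so a client that relies on the hint to skip user confirmation would run them without a prompt.

  ```typescript
  manage_intune_macos_compliance: {
    description: "Assess macOS device compliance status and generate reports on policy adherence and security posture.",
    title: "Intune macOS Compliance Checker",
    annotations: {
      title: "Intune macOS Compliance Checker",
      readOnlyHint: true,
      destructiveHint: false,
      idempotentHint: true,
      openWorldHint: true
    }
  },
  ```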
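The tool is annotated read-only, yet its handler also issues PATCH and POST requests and builds Graph paths from caller-supplied IDs. The following added example (not code from the project) is a pre-dispatch check covering both points; `ACTION_METHODS`, `mutatingActions`, `checkCall` and the GUID format of device and policy IDs are assumptions.

```typescript
// Added example; ACTION_METHODS, mutatingActions and checkCall are hypothetical names.
type Action = 'get_status' | 'get_details' | 'update_policy' | 'force_evaluation';
type Method = 'GET' | 'PATCH' | 'POST';

// HTTP methods each action issues in the handler shown on this page.
const ACTION_METHODS: Record<Action, Method[]> = {
  get_status: ['GET'],
  get_details: ['GET', 'GET'],
  update_policy: ['PATCH'],
  force_evaluation: ['POST', 'POST'],
};

interface Annotations {
  readOnlyHint: boolean;
  destructiveHint: boolean;
  idempotentHint: boolean;
}

interface CallArgs {
  action: string;
  deviceId?: string;
  policyId?: string;
}

// Assumption: Intune device and policy IDs are GUIDs.
const GUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// Actions that send anything other than GET to Graph.
function mutatingActions(): Action[] {
  return (Object.keys(ACTION_METHODS) as Action[]).filter((a) =>
    ACTION_METHODS[a].some((m) => m !== 'GET'));
}

// Returns the reasons to reject a call; an empty array means it may be dispatched.
function checkCall(args: CallArgs, ann: Annotations): string[] {
  if (!Object.prototype.hasOwnProperty.call(ACTION_METHODS, args.action)) {
    return [`unknown action: ${args.action}`];
  }
  const problems: string[] = [];
  const action = args.action as Action;
  if (ann.readOnlyHint && mutatingActions().indexOf(action) !== -1) {
    problems.push(`${action} writes to Graph but the tool is annotated readOnlyHint: true`);
  }
  const ids: [string, string | undefined][] = [['deviceId', args.deviceId], ['policyId', args.policyId]];
  for (const [name, value] of ids) {
    if (value !== undefined && !GUID_RE.test(value)) problems.push(`${name} is not a GUID`);
  }
  return problems;
}
```

Calling `checkCall` with the page's annotations before dispatch rejects `update_policy` and `force_evaluation` until the tool is either re-annotated or split into separate read and write tools.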