Skip to main content
Glama
DynamicEndpoints

Microsoft 365 Core MCP Server

by DynamicEndpoints
OverviewInspectSchemaRelated ServersScoreDiscussions
TypeScript
Remote

manage_intune_macos_policies

Manage macOS device security and configuration policies in Microsoft Intune to control settings, enforce compliance, and deploy updates.

Instructions

Manage macOS configuration profiles and compliance policies for device security and management settings.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
actionYesIntune macOS policy management action
policyIdNoPolicy ID for policy-specific operations
policyTypeYesType of macOS policy
nameNoPolicy name
descriptionNoPolicy description
settingsNoPolicy configuration settings
assignmentsNoPolicy assignments
deploymentSettingsNoDeployment settings

Implementation Reference

  • src/handlers/intune-macos-handler.ts:125-584 (handler)
    Core handler function implementing the manage_intune_macos_policies tool. Handles CRUD operations, assignments, and deployments for Intune macOS configuration, compliance, security, update, and app protection policies using Microsoft Graph API.
    export async function handleIntuneMacOSPolicies( graphClient: Client, args: IntuneMacOSPolicyArgs ): Promise<{ content: { type: string; text: string }[] }> { let apiPath = ''; let result: any; switch (args.action) { case 'list': // List policies based on type - using correct endpoints without invalid filters switch (args.policyType) { case 'Configuration': apiPath = '/deviceManagement/deviceConfigurations'; try { // First try with beta endpoint for more comprehensive results try { const allConfigs = await graphClient.api(apiPath).version('beta').get(); // Improved client-side filtering for macOS configuration policies const macOSPolicies = allConfigs.value?.filter((config: any) => { // Check for known macOS odata types if (config['@odata.type'] && ( config['@odata.type'].includes('macOS') || config['@odata.type'] === '#microsoft.graph.macOSCustomConfiguration' || config['@odata.type'] === '#microsoft.graph.macOSGeneralDeviceConfiguration' || config['@odata.type'] === '#microsoft.graph.macOSDeviceFeaturesConfiguration' || config['@odata.type'] === '#microsoft.graph.macOSEndpointProtectionConfiguration' )) { return true; } // Check display name and description for macOS indicators if ((config.displayName && ( config.displayName.toLowerCase().includes('mac') || config.displayName.toLowerCase().includes('macos'))) || (config.description && ( config.description.toLowerCase().includes('mac') || config.description.toLowerCase().includes('macos')))) { return true; } return false; }) || []; result = { ...allConfigs, value: macOSPolicies }; } catch (betaError) { // Fall back to v1.0 endpoint if beta fails console.log(`Beta API failed, falling back to v1.0: ${betaError}`); const allConfigs = await graphClient.api(apiPath).get(); // Same improved filtering logic for v1.0 const macOSPolicies = allConfigs.value?.filter((config: any) => { // Check for known macOS odata types if (config['@odata.type'] && ( config['@odata.type'].includes('macOS') || config['@odata.type'] === '#microsoft.graph.macOSCustomConfiguration' || config['@odata.type'] === '#microsoft.graph.macOSGeneralDeviceConfiguration' || config['@odata.type'] === '#microsoft.graph.macOSDeviceFeaturesConfiguration' )) { return true; } // Check display name and description for macOS indicators if ((config.displayName && ( config.displayName.toLowerCase().includes('mac') || config.displayName.toLowerCase().includes('macos'))) || (config.description && ( config.description.toLowerCase().includes('mac') || config.description.toLowerCase().includes('macos')))) { return true; } return false; }) || []; result = { ...allConfigs, value: macOSPolicies }; } // If no policies found, check configuration profiles endpoint as fallback if (result.value.length === 0) { try { apiPath = '/deviceManagement/configurationPolicies'; const configProfiles = await graphClient.api(apiPath).version('beta').get(); const macOSProfiles = configProfiles.value?.filter((profile: any) => profile.platforms?.includes('macOS') || profile.platforms?.includes('Mac') || (profile.name && ( profile.name.toLowerCase().includes('mac') || profile.name.toLowerCase().includes('macos'))) ) || []; result = { ...configProfiles, value: macOSProfiles }; } catch (profilesError) { console.log(`Configuration profiles endpoint failed: ${profilesError}`); // Keep the empty result from deviceConfigurations } } } catch (error) { throw new McpError(ErrorCode.InternalError, `Failed to fetch device configurations: ${error}`); } break; case 'Compliance': apiPath = '/deviceManagement/deviceCompliancePolicies'; try { // First try with beta endpoint for more comprehensive results try { const allPolicies = await graphClient.api(apiPath).version('beta').get(); // Improved client-side filtering for macOS compliance policies const macOSPolicies = allPolicies.value?.filter((policy: any) => { // Check for known macOS odata types if (policy['@odata.type'] && ( policy['@odata.type'].includes('macOS') || policy['@odata.type'] === '#microsoft.graph.macOSCompliancePolicy' )) { return true; } // Check display name and description for macOS indicators if ((policy.displayName && ( policy.displayName.toLowerCase().includes('mac') || policy.displayName.toLowerCase().includes('macos'))) || (policy.description && ( policy.description.toLowerCase().includes('mac') || policy.description.toLowerCase().includes('macos')))) { return true; } return false; }) || []; result = { ...allPolicies, value: macOSPolicies }; } catch (betaError) { // Fall back to v1.0 endpoint if beta fails console.log(`Beta API failed, falling back to v1.0: ${betaError}`); const allPolicies = await graphClient.api(apiPath).get(); // Same improved filtering logic for v1.0 const macOSPolicies = allPolicies.value?.filter((policy: any) => { // Check for known macOS odata types if (policy['@odata.type'] && ( policy['@odata.type'].includes('macOS') || policy['@odata.type'] === '#microsoft.graph.macOSCompliancePolicy' )) { return true; } // Check display name and description for macOS indicators if ((policy.displayName && ( policy.displayName.toLowerCase().includes('mac') || policy.displayName.toLowerCase().includes('macos'))) || (policy.description && ( policy.description.toLowerCase().includes('mac') || policy.description.toLowerCase().includes('macos')))) { return true; } return false; }) || []; result = { ...allPolicies, value: macOSPolicies }; } } catch (error) { throw new McpError(ErrorCode.InternalError, `Failed to fetch compliance policies: ${error}`); } break; case 'Security': // Use configuration policies for security settings apiPath = '/deviceManagement/configurationPolicies'; try { const allSecurityPolicies = await graphClient.api(apiPath).get(); // Client-side filtering for macOS security policies result = { ...allSecurityPolicies, value: allSecurityPolicies.value?.filter((policy: any) => policy.platforms?.includes('macOS') || policy.platforms?.includes('Mac') || policy.name?.toLowerCase().includes('macos') || policy.name?.toLowerCase().includes('mac') ) || [] }; } catch (error) { // Fallback to device configurations if configurationPolicies doesn't exist try { apiPath = '/deviceManagement/deviceConfigurations'; const allConfigs = await graphClient.api(apiPath).get(); result = { ...allConfigs, value: allConfigs.value?.filter((config: any) => config['@odata.type']?.includes('macOS') && (config.displayName?.toLowerCase().includes('security') || config.description?.toLowerCase().includes('security')) ) || [] }; } catch (fallbackError) { throw new McpError(ErrorCode.InternalError, `Failed to fetch security policies: ${fallbackError}`); } } break; case 'Update': // Try multiple potential endpoints for update policies try { // First try the beta endpoint for software update policies apiPath = '/deviceManagement/deviceConfigurations'; const allConfigs = await graphClient.api(apiPath).version('beta').get(); result = { ...allConfigs, value: allConfigs.value?.filter((config: any) => config['@odata.type'] === 'microsoft.graph.macOSSoftwareUpdateConfiguration' || config['@odata.type']?.includes('SoftwareUpdate') && config['@odata.type']?.includes('macOS') ) || [] }; } catch (error) { // Fallback to regular configurations try { apiPath = '/deviceManagement/deviceConfigurations'; const allConfigs = await graphClient.api(apiPath).get(); result = { ...allConfigs, value: allConfigs.value?.filter((config: any) => config.displayName?.toLowerCase().includes('update') && (config['@odata.type']?.includes('macOS') || config.displayName?.toLowerCase().includes('macos')) ) || [] }; } catch (fallbackError) { throw new McpError(ErrorCode.InternalError, `Failed to fetch update policies: ${fallbackError}`); } } break; case 'AppProtection': // Try app protection policies try { apiPath = '/deviceAppManagement/managedAppPolicies'; const allAppPolicies = await graphClient.api(apiPath).get(); result = { ...allAppPolicies, value: allAppPolicies.value?.filter((policy: any) => policy['@odata.type'] === 'microsoft.graph.macOSManagedAppProtection' || (policy.displayName?.toLowerCase().includes('macos') || policy.displayName?.toLowerCase().includes('mac')) ) || [] }; } catch (error) { throw new McpError(ErrorCode.InternalError, `Failed to fetch app protection policies: ${error}`); } break; default: throw new McpError(ErrorCode.InvalidParams, `Invalid policyType: ${args.policyType}`); } break; case 'get': if (!args.policyId) { throw new McpError(ErrorCode.InvalidParams, 'policyId is required for get action'); } switch (args.policyType) { case 'Configuration': apiPath = `/deviceManagement/deviceConfigurations/${args.policyId}`; break; case 'Compliance': apiPath = `/deviceManagement/deviceCompliancePolicies/${args.policyId}`; break; case 'Security': apiPath = `/deviceManagement/intents/${args.policyId}`; break; case 'Update': apiPath = `/deviceManagement/macOSSoftwareUpdatePolicies/${args.policyId}`; break; case 'AppProtection': apiPath = `/deviceAppManagement/macOSManagedAppProtections/${args.policyId}`; break; default: throw new McpError(ErrorCode.InvalidParams, `Get operation not supported for policyType: ${args.policyType}`); } result = await graphClient.api(apiPath).get(); break; case 'create': if (!args.name) { throw new McpError(ErrorCode.InvalidParams, 'name is required for create action'); } switch (args.policyType) { case 'Configuration': apiPath = '/deviceManagement/deviceConfigurations'; const configPayload = { '@odata.type': '#microsoft.graph.macOSCustomConfiguration', displayName: args.name, description: args.description || '', payloadFileName: args.settings?.customConfiguration?.payloadFileName || 'config.mobileconfig', payload: args.settings?.customConfiguration?.payload || '', platformType: 'macOS', version: 1 }; result = await graphClient.api(apiPath).post(configPayload); break; case 'Compliance': apiPath = '/deviceManagement/deviceCompliancePolicies'; const compliancePayload = { '@odata.type': '#microsoft.graph.macOSCompliancePolicy', displayName: args.name, description: args.description || '', platformType: 'macOS', passwordRequired: args.settings?.compliance?.passwordRequired ?? false, passwordMinimumLength: args.settings?.compliance?.passwordMinimumLength ?? 4, passwordMinutesOfInactivityBeforeLock: args.settings?.compliance?.passwordMinutesOfInactivityBeforeLock ?? 15, storageRequireEncryption: args.settings?.compliance?.storageRequireEncryption ?? true, osMinimumVersion: args.settings?.compliance?.osMinimumVersion, osMaximumVersion: args.settings?.compliance?.osMaximumVersion, systemIntegrityProtectionEnabled: args.settings?.compliance?.systemIntegrityProtectionEnabled ?? true, firewallEnabled: args.settings?.compliance?.firewallEnabled ?? true, gatekeeperAllowedAppSource: args.settings?.compliance?.gatekeeperAllowedAppSource ?? 'macAppStoreAndIdentifiedDevelopers' }; result = await graphClient.api(apiPath).post(compliancePayload); break; default: throw new McpError(ErrorCode.InvalidParams, `Create operation not supported for policyType: ${args.policyType}`); } break; case 'update': if (!args.policyId) { throw new McpError(ErrorCode.InvalidParams, 'policyId is required for update action'); } switch (args.policyType) { case 'Configuration': apiPath = `/deviceManagement/deviceConfigurations/${args.policyId}`; const updateConfigPayload = { displayName: args.name, description: args.description, payloadFileName: args.settings?.customConfiguration?.payloadFileName, payload: args.settings?.customConfiguration?.payload }; result = await graphClient.api(apiPath).patch(updateConfigPayload); break; case 'Compliance': apiPath = `/deviceManagement/deviceCompliancePolicies/${args.policyId}`; const updateCompliancePayload = { displayName: args.name, description: args.description, passwordRequired: args.settings?.compliance?.passwordRequired, passwordMinimumLength: args.settings?.compliance?.passwordMinimumLength, storageRequireEncryption: args.settings?.compliance?.storageRequireEncryption, osMinimumVersion: args.settings?.compliance?.osMinimumVersion, osMaximumVersion: args.settings?.compliance?.osMaximumVersion }; result = await graphClient.api(apiPath).patch(updateCompliancePayload); break; default: throw new McpError(ErrorCode.InvalidParams, `Update operation not supported for policyType: ${args.policyType}`); } break; case 'delete': if (!args.policyId) { throw new McpError(ErrorCode.InvalidParams, 'policyId is required for delete action'); } switch (args.policyType) { case 'Configuration': apiPath = `/deviceManagement/deviceConfigurations/${args.policyId}`; break; case 'Compliance': apiPath = `/deviceManagement/deviceCompliancePolicies/${args.policyId}`; break; default: throw new McpError(ErrorCode.InvalidParams, `Delete operation not supported for policyType: ${args.policyType}`); } await graphClient.api(apiPath).delete(); result = { message: `${args.policyType} policy deleted successfully` }; break; case 'assign': if (!args.policyId || !args.assignments) { throw new McpError(ErrorCode.InvalidParams, 'policyId and assignments are required for assign action'); } switch (args.policyType) { case 'Configuration': apiPath = `/deviceManagement/deviceConfigurations/${args.policyId}/assignments`; break; case 'Compliance': apiPath = `/deviceManagement/deviceCompliancePolicies/${args.policyId}/assignments`; break; default: throw new McpError(ErrorCode.InvalidParams, `Assign operation not supported for policyType: ${args.policyType}`); } const assignmentPayload = { assignments: args.assignments.map(assignment => ({ target: { '@odata.type': assignment.target.groupId ? '#microsoft.graph.groupAssignmentTarget' : '#microsoft.graph.allDevicesAssignmentTarget', groupId: assignment.target.groupId }, intent: assignment.intent || 'apply' })) }; result = await graphClient.api(apiPath).post(assignmentPayload); break; case 'deploy': if (!args.policyId) { throw new McpError(ErrorCode.InvalidParams, 'policyId is required for deploy action'); } // For deploy action, we'll assign to all devices or specified groups const deployApiPath = args.policyType === 'Configuration' ? `/deviceManagement/deviceConfigurations/${args.policyId}/assignments` : `/deviceManagement/deviceCompliancePolicies/${args.policyId}/assignments`; const deployPayload = { assignments: [{ target: { '@odata.type': '#microsoft.graph.allDevicesAssignmentTarget' }, intent: 'apply' }] }; result = await graphClient.api(deployApiPath).post(deployPayload); break; default: throw new McpError(ErrorCode.InvalidParams, `Invalid action: ${args.action}`); } return { content: [{ type: 'text', text: JSON.stringify(result, null, 2) }] }; }
  • src/types/intune-types.ts:39-52 (schema)
    Primary TypeScript interface defining input schema/arguments for the tool, including action types, policy types, settings, and assignments. References supporting types like MacOSPolicySettings, PolicyAssignment.
    export interface IntuneMacOSPolicyArgs { action: 'list' | 'get' | 'create' | 'update' | 'delete' | 'assign' | 'deploy'; policyId?: string; policyType: 'Configuration' | 'Compliance' | 'Security' | 'Update' | 'AppProtection'; name?: string; description?: string; settings?: MacOSPolicySettings; assignments?: PolicyAssignment[]; deploymentSettings?: { installBehavior?: 'doNotInstall' | 'installAsManaged' | 'installAsUnmanaged'; uninstallOnDeviceRemoval?: boolean; installAsManaged?: boolean; }; }
  • src/types/intune-types.ts:54-337 (schema)
    Comprehensive type definitions for macOS policy settings used by the tool, including restrictions, security (FileVault, firewall, gatekeeper), system configuration, networking (VPN, WiFi), compliance settings, and assignment targets.
    export interface MacOSPolicySettings { // Configuration Profile Settings restrictions?: MacOSRestrictions; security?: MacOSSecuritySettings; systemConfiguration?: MacOSSystemConfiguration; networking?: MacOSNetworkingSettings; applications?: MacOSApplicationSettings; // Compliance Settings compliance?: MacOSComplianceSettings; // Custom Settings customConfiguration?: { payloadFileName: string; payload: string; // Base64 encoded .mobileconfig file }; } export interface MacOSRestrictions { allowAppInstallation?: boolean; allowAppRemoval?: boolean; allowSystemUIAppRemoval?: boolean; allowUniversalAppInstallation?: boolean; allowGuestUser?: boolean; allowPasswordAutoFill?: boolean; allowPasswordProximityRequests?: boolean; allowPasswordSharing?: boolean; allowSafariAutoFill?: boolean; allowScreenCapture?: boolean; allowRemoteScreenObservation?: boolean; allowAirDrop?: boolean; allowAirPlayIncomingRequests?: boolean; allowBluetoothModification?: boolean; allowDefinitionLookup?: boolean; allowFingerprintForUnlock?: boolean; allowSpotlightInternetResults?: boolean; allowTouchIdForUnlock?: boolean; allowWallpaperModification?: boolean; requirePasswordAfterScreensaver?: boolean; requireAdminPasswordToDeleteSystemApps?: boolean; } export interface MacOSSecuritySettings { filevault?: { enabled: boolean; recoveryKeyRotation?: boolean; hideRecoveryKey?: boolean; personalRecoveryKeyHelpMessage?: string; allowFDEDisableUserInitiated?: boolean; }; firewall?: { enabled: boolean; blockAllIncoming?: boolean; enableStealthMode?: boolean; }; gatekeeper?: { enableGatekeeper?: boolean; allowIdentifiedDevelopers?: boolean; enableGatekeeperAssessment?: boolean; }; systemIntegrityProtection?: { enabled: boolean; }; secureBootLevel?: 'off' | 'medium' | 'full'; allowedKernelExtensions?: { teamIdentifier: string; bundleIdentifiers: string[]; }[]; allowedSystemExtensions?: { teamIdentifier: string; allowedTypes: ('driverExtension' | 'networkExtension' | 'endpointSecurityExtension')[]; bundleIdentifiers: string[]; }[]; } export interface MacOSSystemConfiguration { computerName?: string; hostName?: string; localHostName?: string; systemPreferences?: { dock?: DockSettings; energySaver?: EnergySaverSettings; loginWindow?: LoginWindowSettings; timeZone?: string; networkTimeServer?: string; }; } export interface DockSettings { dockSize?: number; magnification?: boolean; largeSize?: number; orientation?: 'bottom' | 'left' | 'right'; minimizeToAppIcon?: boolean; showRecentAppsInDock?: boolean; launchpadSize?: number; staticItems?: DockItem[]; } export interface DockItem { type: 'application' | 'directory' | 'url'; path?: string; url?: string; label: string; } export interface EnergySaverSettings { desktopACPowerSettings?: PowerSettings; desktopBatteryPowerSettings?: PowerSettings; portableACPowerSettings?: PowerSettings; portableBatteryPowerSettings?: PowerSettings; } export interface PowerSettings { systemSleepTimer?: number; displaySleepTimer?: number; diskSleepTimer?: number; automaticRestartOnPowerLoss?: boolean; wakeOnLAN?: boolean; wakeOnRing?: boolean; } export interface LoginWindowSettings { loginWindowText?: string; shutDownDisabled?: boolean; restartDisabled?: boolean; sleepDisabled?: boolean; disableConsoleAccess?: boolean; loginWindowLaunchApplication?: string; hideLocalUsers?: boolean; includeNetworkUser?: boolean; hideAdminUsers?: boolean; hideMobileAccounts?: boolean; showFullName?: boolean; hideOtherUsers?: boolean; showPasswordHints?: boolean; allowGuestUser?: boolean; allowAutomaticLogin?: boolean; } export interface MacOSNetworkingSettings { globalHttpProxy?: ProxySettings; globalHttpsProxy?: ProxySettings; proxyCaptiveLoginAllowed?: boolean; vpnConfiguration?: VPNConfiguration[]; wifiProfiles?: WiFiProfile[]; certificateProfiles?: CertificateProfile[]; } export interface ProxySettings { enabled: boolean; server?: string; port?: number; username?: string; password?: string; bypassDomainsAndAddresses?: string[]; } export interface VPNConfiguration { connectionName: string; connectionType: 'IKEv2' | 'IPSec' | 'L2TP' | 'PPTP' | 'Cisco'; server: string; account?: string; authenticationMethod: 'usernameAndPassword' | 'certificate' | 'sharedSecret'; sharedSecret?: string; certificateIdentifier?: string; onDemandEnabled?: boolean; onDemandRules?: VPNOnDemandRule[]; } export interface VPNOnDemandRule { action: 'connect' | 'disconnect' | 'evaluateConnection' | 'ignore'; dnsSearchDomains?: string[]; dnsServers?: string[]; domainAction?: 'connectIfNeeded' | 'neverConnect'; domains?: string[]; requiredDNSServers?: string[]; requiredURLStringProbe?: string; } export interface WiFiProfile { ssid: string; hiddenNetwork?: boolean; autoJoin?: boolean; security?: 'none' | 'wep' | 'wpa' | 'wpa2' | 'wpa3' | 'any'; password?: string; eapSettings?: EAPSettings; proxySettings?: ProxySettings; } export interface EAPSettings { acceptedEAPTypes: number[]; username?: string; outerIdentity?: string; password?: string; certificateIdentifier?: string; trustedCertificates?: string[]; tlsAllowTrustExceptions?: boolean; } export interface CertificateProfile { certificateName: string; certificateTemplateName?: string; certificateAuthority?: string; renewalThresholdPercentage?: number; keySize?: 1024 | 2048 | 4096; keyUsage?: number; subjectAlternativeNameType?: 'none' | 'emailAddress' | 'userPrincipalName' | 'customAzureADAttribute' | 'domainNameService'; subjectNameFormat?: 'commonName' | 'commonNameIncludingEmail' | 'commonNameAsEmail' | 'custom' | 'commonNameAsIMEI' | 'commonNameAsSerialNumber'; } export interface MacOSApplicationSettings { managedApps?: ManagedApp[]; allowedApps?: string[]; blockedApps?: string[]; appInstallationPolicy?: 'notConfigured' | 'allowList' | 'blockList'; appAutoUpdatePolicy?: 'notConfigured' | 'enabled' | 'disabled'; } export interface ManagedApp { bundleIdentifier: string; appName: string; publisher: string; minimumSupportedOperatingSystem: string; installBehavior: 'doNotInstall' | 'installAsManaged' | 'installAsUnmanaged'; uninstallOnDeviceRemoval: boolean; appConfiguration?: Record<string, any>; } export interface MacOSComplianceSettings { passwordRequired?: boolean; passwordMinimumLength?: number; passwordMinutesOfInactivityBeforeLock?: number; passwordMinutesOfInactivityBeforeScreenTimeout?: number; passwordPreviousPasswordBlockCount?: number; passwordRequiredType?: 'deviceDefault' | 'alphanumeric' | 'numeric'; passwordRequireToUnlockFromIdle?: boolean; deviceThreatProtectionEnabled?: boolean; deviceThreatProtectionRequiredSecurityLevel?: 'unavailable' | 'secured' | 'low' | 'medium' | 'high' | 'notSet'; storageRequireEncryption?: boolean; osMinimumVersion?: string; osMaximumVersion?: string; systemIntegrityProtectionEnabled?: boolean; firewallEnabled?: boolean; firewallBlockAllIncoming?: boolean; firewallEnableStealthMode?: boolean; gatekeeperAllowedAppSource?: 'notConfigured' | 'macAppStore' | 'macAppStoreAndIdentifiedDevelopers' | 'anywhere'; secureBootEnabled?: boolean; codeIntegrityEnabled?: boolean; advancedThreatProtectionRequiredSecurityLevel?: 'unavailable' | 'secured' | 'low' | 'medium' | 'high' | 'notSet'; } // Policy Assignment Types export interface PolicyAssignment { target: AssignmentTarget; intent?: 'apply' | 'remove'; settings?: AssignmentSettings; } export interface AssignmentTarget { deviceAndAppManagementAssignmentFilterId?: string; deviceAndAppManagementAssignmentFilterType?: 'none' | 'include' | 'exclude'; groupId?: string; collectionId?: string; } export interface AssignmentSettings { installIntent?: 'available' | 'required' | 'uninstall' | 'availableWithoutEnrollment'; notificationSettings?: { showInCompanyPortal?: boolean; showInNotificationCenter?: boolean; alertType?: 'showAll' | 'showRebootsOnly' | 'hideAll'; }; restartSettings?: { restartNotificationSnoozeDurationInMinutes?: number; restartCountdownDisplayDurationInMinutes?: number; }; deadlineSettings?: { useLocalTime?: boolean; deadlineDateTime?: string; gracePeriodInMinutes?: number; }; }
  • smithery.ts:282-286 (registration)
    Tool registration/declaration in Smithery configuration for MCP server discovery, including name, description, category, tags, and basic input schema.
    name: 'manage_intune_macos_policies', description: 'Manage macOS configuration and compliance policies in Intune', category: 'Device Management', tags: ['intune', 'macos', 'policies', 'configuration', 'compliance'] },
  • src/tool-metadata.ts:132-135 (schema)
    Tool metadata including enhanced description, title, and MCP annotations for capabilities like destructive operations and open-world usage.
    manage_intune_macos_policies: { description: "Manage macOS configuration profiles and compliance policies for device security and management settings.", title: "Intune macOS Policy Manager", annotations: { title: "Intune macOS Policy Manager", readOnlyHint: false, destructiveHint: true, idempotentHint: false, openWorldHint: true }

This server cannot be installed

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/DynamicEndpoints/m365-core-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server