From 48399de01b84670382584b0f7598f47ffc55cc8a Mon Sep 17 00:00:00 2001
From: mcgov <mamcgove@microsoft.com>
Date: Thu, 31 Oct 2024 18:54:07 -0700
Subject: [PATCH] mdatp check: add mdatp health invocation to check for
 onboarding (#3492)

* mdatp check: add mdatp health invocation to check for onboarding

* omit sudo for command -v
---
 microsoft/testsuites/mdatp/check-mdatp.sh | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/microsoft/testsuites/mdatp/check-mdatp.sh b/microsoft/testsuites/mdatp/check-mdatp.sh
index 8d5f2497b5..0bdb70f328 100644
--- a/microsoft/testsuites/mdatp/check-mdatp.sh
+++ b/microsoft/testsuites/mdatp/check-mdatp.sh
@@ -113,5 +113,20 @@ if [ -f "$MDATP_OPT_DIR/mdatp_onboard.json" ]; then
     EXIT_CODE=$EXIT_ONBOARD_INFO_FOUND
 fi
 
+# special log line if mdatp installed and reports it is onboarded
+MDATP_ORG_ID=$(\
+    command -v mdatp \
+    && mdatp health \
+    | grep --fixed-strings 'org_id:' \
+    | cut -f 2 -d ':' \
+    | tr -d '[:blank:][:punct:]' \
+)
+if [ -n "$MDATP_ORG_ID" ]; then
+    echo "$ERROR_MSG_HEADER" >&2
+    echo "ERROR: mdatp is installed and reports this device is onboarded:" >&2
+    sudo mdatp health >&2
+    EXIT_CODE=$EXIT_ONBOARD_INFO_FOUND
+fi
+
 # returns nonzero value if defender info is found
 exit $EXIT_CODE
\ No newline at end of file