Improve Windows CSP experience #26527

Open
@TsekNet

Description

Problem

As a new user of Fleet, I wanted to test the Windows MDM functionality. I ran into a few snags that I think could be improved:

  1. The errors for CSPs need to be reformatted to make them useful. I can't copy the errors from the popup that shows when I mouse over the error column. This needs to be changed to an expandable text box, or some other format that allows copying the errors.
  2. I would link to https://github.com/fleetdm/fleet/blob/89176651c22400d6266f408b6e6e7f7127461fd9/server/mdm/microsoft/syncml/syncml.go somewhere alongside this table, so I understand what Fleet-internal error codes mean. These do not translate to Microsoft error codes.
    • Can they translate to the actual error code that is seen in the event log? I feel like you can use the Event Id here? Example:
      Get-WinEvent -FilterHashtable @{LogName='Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin'; Level=2} -MaxEvents 100 | ft -Wrap
      
      
         ProviderName: Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider
      
      TimeCreated                      Id LevelDisplayName Message
      -----------                      -- ---------------- -------
      2/21/2025 11:16:05 AM           404 Error            MDM ConfigurationManager: Command failure status. Configuration Source ID:
                                                           (xxxx), Enrollment Name: (MDMFull), Provider Name:
                                                           (Policy), Command Type: (Add: from Replace or Add), CSP URI: (./Device/Vendor/MSFT/P
                                                           olicy/Config/xxxxx), Result: (The system cannot find the file specified.).
      2/21/2025 11:16:03 AM           404 Error            MDM ConfigurationManager: Command failure status. Configuration Source ID:
                                                           (xxxx), Enrollment Name: (MDMFull), Provider Name:
                                                           (Policy), Command Type: (Add: from Replace or Add), CSP URI: (./Device/Vendor/MSFT/P
                                                           olicy/Config/xxxx), Result: (The system cannot find the file specified.).
  3. It's not clear if it's possible to force a check-in with MDM without removing/re-adding the profile. It would be nice to have a button in the web UI to force sync with the latest uploaded CSPs. Example: We can enable users to sync their latest policy to get their device into compliance.
  4. I'm not sure if this is possible, but it would be nice if the entire CSP XML wasn't rolled back (CmdStatusAtomicRollbackAccepted = "216") when a single policy in the entire file fails. I want my policy to be enforced partially.
  5. It would be nice if I could enable Windows MDM for specific teams, in specific environments, without having to enable Windows MDM globally: https://fleetdm.com/docs/configuration/yaml-files#controls
  6. I don't feel like the documentation is clear enough on how to identify CSPs, I will send a PR to improve this doc: https://fleetdm.com/guides/creating-windows-csps1. I read through this doc multiple times and still needed to do my own searching to see the proper format for all the different kinds of CSPs.
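The Get-WinEvent query in point 2 prints the raw wrapped messages; the script below is an added example (not Fleet's code and not part of the issue) that extracts the CSP URI and the Result text from those messages and groups the failures per URI, so each failing CSP shows up once with a count and its last failure time. It assumes the event ID (404) and the message layout shown in the pasted output hold for other CSP failures; the regular expression, the `-UseSample` switch and the sample messages are assumptions made for this example. The sample messages are constructed, with placeholder CSP URIs, so the parsing can be exercised on a machine that is not MDM-enrolled.

```powershell
# Added example, not Fleet's code: summarize MDM CSP failures from the
# DeviceManagement diagnostics Admin log by CSP URI.
# Assumption: failures are logged as event ID 404 with the message layout
# seen in the Get-WinEvent output above ("... CSP URI: (<uri>), Result: (<text>).").
param([switch]$UseSample)

$LogName = 'Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin'

if ($UseSample) {
    # Constructed sample messages in the same shape as the pasted output.
    # The URIs are placeholders, not real policy nodes.
    $sampleMessages = @(
        'MDM ConfigurationManager: Command failure status. Configuration Source ID: (xxxx), Enrollment Name: (MDMFull), Provider Name: (Policy), Command Type: (Add: from Replace or Add), CSP URI: (./Device/Vendor/MSFT/Policy/Config/ExampleArea/ExampleSettingA), Result: (The system cannot find the file specified.).'
        'MDM ConfigurationManager: Command failure status. Configuration Source ID: (xxxx), Enrollment Name: (MDMFull), Provider Name: (Policy), Command Type: (Add: from Replace or Add), CSP URI: (./Device/Vendor/MSFT/Policy/Config/ExampleArea/ExampleSettingA), Result: (The system cannot find the file specified.).'
        'MDM ConfigurationManager: Command failure status. Configuration Source ID: (xxxx), Enrollment Name: (MDMFull), Provider Name: (Policy), Command Type: (Add: from Replace or Add), CSP URI: (./Device/Vendor/MSFT/Policy/Config/ExampleArea/ExampleSettingB), Result: (The parameter is incorrect.).'
    )
    $events = for ($i = 0; $i -lt $sampleMessages.Count; $i++) {
        [pscustomobject]@{
            TimeCreated = (Get-Date).AddMinutes(-$i)
            Id          = 404
            Message     = $sampleMessages[$i]
        }
    }
} else {
    # Level 2 = Error. Restricting to Id 404 keeps only the command-failure events.
    $events = Get-WinEvent -FilterHashtable @{ LogName = $LogName; Level = 2; Id = 404 } `
        -MaxEvents 500 -ErrorAction Stop
}

# Assumed layout of the message text; named groups pull out the fields we care about.
$pattern = 'Enrollment Name: \((?<enrollment>[^)]*)\).*?CSP URI: \((?<uri>[^)]*)\), Result: \((?<result>[^)]*)\)'

$failures = foreach ($e in $events) {
    $m = [regex]::Match($e.Message, $pattern)
    if ($m.Success) {
        [pscustomobject]@{
            TimeCreated = $e.TimeCreated
            EventId     = $e.Id
            Enrollment  = $m.Groups['enrollment'].Value
            CspUri      = $m.Groups['uri'].Value
            Result      = $m.Groups['result'].Value
        }
    } else {
        Write-Verbose "Unparsed message (layout differs from the assumed one): $($e.Message)"
    }
}

# One row per CSP URI: how often it failed, when it last failed, and the last Result text.
$failures |
    Group-Object CspUri |
    ForEach-Object {
        $latest = $_.Group | Sort-Object TimeCreated -Descending | Select-Object -First 1
        [pscustomobject]@{
            CspUri     = $_.Name
            Failures   = $_.Count
            LastSeen   = $latest.TimeCreated
            Enrollment = $latest.Enrollment
            LastResult = $latest.Result
        }
    } |
    Sort-Object Failures -Descending |
    Format-Table -AutoSize -Wrap
```

Run it as `.\Get-CspFailures.ps1 -UseSample` to see the grouping on the constructed messages, or without the switch on an enrolled device (the Admin log usually needs an elevated prompt). Because the script keys on the CSP URI rather than on Fleet's SyncML status code, the table can be set next to the profile that Fleet reports as failed to see which node inside it the device rejected.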

Labels: :product (Product Design department; shows up on 🦢 Drafting board)
