fling logo of Workspace ONE Policy Analyzer for Windows

Workspace ONE Policy Analyzer for Windows

version 1.0 — October 08, 2021

Contributors 2

View All

Comments 4

  • profile picture of Mike Gonzalez
  • profile picture of Max Fox
  • profile picture of Mike Gonzalez
  • profile picture of Max Fox
View All


Workspace ONE Policy Analyzer for Windows aids in the management of profiles and baselines for Windows 10 devices. Policy Analyzer uses the Workspace ONE UEM API to review the status of profiles and baselines assigned to a specified Windows 10 device. The resultant HTML report displays all the assigned policies and baselines as well as highlighting potential conflicts between any profiles and/or baselines on the device. The reports also displays all profiles and baselines without potential conflicts. The administrator can then use the Workspace ONE UEM Console to resolve any issues identified.


Workspace ONE


Workspace ONE Policy Analyzer is a Microsoft Windows command line tool that does not require installation. Once the package is extracted at a desired location it can be run in a command window.

The tool has two commands:

  • analyze – analyses a given device’s policy.
  • list-devices - lists devices in the system for a given user. The output is printed on the screen as a tab separated list.
There are various options that can be passed into the tool.

Work on any command

  • -a, --api-url (REQUIRED). The url to the UEM environment’s rest API. Must be the API url, this is usually <uem-base-url>/api
  • -k, --api-key (REQUIRED). The API key to authenticate into the UEM environment's rest API.
  • -u, --api-username (REQUIRED). The API username to login to the UEM environment.
  • -p, --api-password (REQUIRED). Password for the preceding user.
Analyze command
  • --device-udid (REQUIRED). The UDID of the device to generate the report for. This can be discovered in the device details page in UEM console.
  • --report-dir (OPTIONAL). The directory where the reports will be saved into. If not specified, defaults to the current directory.
List devices command
  • --device-username (OPTIONAL). Username filter to filter devices to.
  • --json (OPTIONAL). Convert the output to JSON format rather than a TSV.
  • --max-devices (OPTIONAL). The maximum number of devices to fetch. If not specified, this defaults to 10.

UEM minimum permissions

The user given to the above commands needs the following set of permissions in Workspace ONE UEM:

  • API/Devices/REST API Devices Read
  • API/Groups/REST API Groups Read
  • API/Profiles/Updates Policy Read access
  • API/Profiles/Rest API Profiles Read
  • Device Management/Baselines/View Baselines
  • Groups/View/Organization Group
  • Groups/View/Organization Group List View
for convenience, there's an importable role .xml file in this fling's download section that you can verify and import into Workspace ONE UEM if you wish.

Similar Flings

Sep 26, 2023
fling logo of Forklift for Workspace ONE UEM

Forklift for Workspace ONE UEM

version 3.0.3

The Forklift for Workspace ONE UEM Fling allows migration of Workspace ONE UEM Resources between different Workspace One UEM environments. Rapid deployment of resources bundled as a "Deployment Template". Lastly the creation of a Continuous Delivery Pipeline for resources.

Aug 02, 2023
fling logo of Control My Update

Control My Update

version 2.2.5

This Fling is a full 360 degree solution for Windows Update management. Create full supported Windows Update configurations and use the fling for install and monitor Windows Updates.

Jan 04, 2022
fling logo of VM News Collector

VM News Collector

version 1.0

VM News Collector is a real-time news aggregator dedicated to the collection of all kinds of real-time news updates and applicable information & resolutions on all technology products belonging to the VMWARE Group, a technology giant, leading the technology revolution in cloud computing & virtualization fields.
No need to scroll through hundreds of documents looking for informations. VM News Collector App has it all for you.