Paul Schnackenburg, funnily enough I was looking at the article (https://learn.microsoft.com/en-gb/mem/intune/protect/advanced-threat-protection-configure) in relation to the classic [Windows Defender ATP] Device policy on 16/04/2024 and can confirm that it did state "These policies can be ignored, but should not be edited, deleted, or disabled".
Checking this article today and it now states:
"As of the August 2023 Intune service release (2308), classic Conditional Access (CA) policies are no longer created for the Microsoft Defender for Endpoint connector. If your tenant has a classic CA policy that was previously created for integration with Microsoft Defender for Endpoint, it can be deleted. To view classic Conditional Access policies, in Azure, go to Microsoft Entra ID > Conditional Access > Classic policies."
The article has a last updated date of 17/04/2024 so must have been changed the day after I looked at it.
So please can Microsoft confirm that it is now ok to delete the [Windows Defender ATP] Device policy?
We also have the following classic policies in our tenant, presumably created by Microsoft integrations as we did not create them:
- [GraphAggregatorService] Mobile App Management policy
- [Office 365 SharePoint Online] Mobile App Management policy
- [Outlook Service for OneDrive] Mobile App Management policy
These look to be related to Intune as well. Please can Microsoft confirm if these can now be deleted as well following the updated statement above, or do we need to disable them and recreate them as New CA policies - in accordance with the Migrate a classic Conditional Access policy - Microsoft Entra ID | Microsoft Learn documentation?