Microsofttwo questions:
1) Has anyone had any luck getting 2012R2 enabled for Tamper Protection using new MDE agent + SCCM tenant attach +Intune Windows Security Experience config policy? I upgraded a few 2012R2 servers to new MDE agent that we manage with SCCM 2107 hotfix version and have them Tenant attached so we could apply the tamper protection enable settings policy from Intune to them. All our 2016 servers with new MDE agent show as Tamper Protected from same policy but 2012R2 servers dont apply the tamper policy.
Running get-mpcomputerstatus locally on all 2012R2 shows:
Istamperprotected=false
TamperProtectionSource = E5 Transition
2) About ASR rules, with the new MDE agent on 2016\2012R2 servers we manage with SCCM 2107 do we have the ability to set ASR configurations using SCCM Exploit Guard Policies? I tested creating an ASR rule set using SCCM and deployed it to new 2016\2012R2 MDE agents and it doesnt work. I just want to know if this is supported or if we will have to keep manually setting ASR rules for 2016\2012R2 using GPO or PowerShell. Thanks
