Onboarding Devices to Purview

Endpoint DLP requires that Windows 10,Windows 11, Windows Server 2019 and later versions devices be onboarded into the service so that they can send monitoring data to the services. This is independent of whether Microsoft Defender Antivirus is your primary AV.

Device onboarding is shared across Microsoft 365 and Microsoft Defender for Endpoint (MDE). If you've already onboarded devices to MDE, they appear in the managed devices list and no further steps are necessary to onboard those specific devices. Onboarding devices in Microsoft Purview portal also onboards them into MDE. https://learn.microsoft.com/en-us/purview/device-onboarding-overview

In your case, you've already onboarded the devices using the Intune EDR onboarding policy, so there's nothing else you need to do from an onboarding perspective. You could have achieved the same result by using the onboarding package from the Purview portal. https://learn.microsoft.com/en-us/purview/device-onboarding-script 

When you onboard the device to MDE, Microsoft Defender Antivirus can remain in Passive mode while CrowdStrike continues to provide primary antivirus protection. Seeing AMRunningMode = Passive is expected in that scenario and doesn't mean Defender AV has taken over. https://learn.microsoft.com/en-us/defender-endpoint/microsoft-defender-passive-mode