Forum Discussion
Unexpected ConfigurationType" error when attempting to onboard to Defender ATP with MECM
Ryan Steele Are you sure the affected devices ran the WindowsDefenderATPOnboardingScript.cmd successfully? Did you deploy this script using a package/program or as an application? When using an application (which I would prefer), make sure you define the registry-based detection rule using the OnboardingState value correctly, as described in the article. Did you set the AllowSampleCollection registry value correctly? Please note that this has to be a REG_DWORD value.
Okay, now I'm really confused 
I just realized that the link I provided above isn't actually the link to the instructions I was following. I was following these ones: https://docs.microsoft.com/en-us/mem/configmgr/protect/deploy-use/defender-advanced-threat-protection?redirectedfrom=MSDN. Nowhere in those instructions does it say anything about deploying a .cmd file.
To my reading, the .cmd file isn't required when deploying with a current version of Configuration Manager. Indeed, the deployment package that is downloaded from the Onboarding page in the Defender ATP console when selecting the "Microsoft Endpoint Configuration Manager current branch and later" deployment method contains a .onboarding file, not a .cmd file.
Edit: I also forgot to mention that one of the machines in this group was successfully onboarded, but the rest were not. I haven't yet investigated whether there were any particular configuration differences which would account for this.