Forum Discussion

ranj-singh111's avatar
ranj-singh111
Brass Contributor
Apr 28, 2020

Device compliance 65001 (Not Applicable) and Defender Security centre weirdness

Hi Tech community.

 

I have 2 questions, related to some work I am doing with a customer who's devices are Azure Hybrid AD joined and using Windows 10 1909.

 

1. The windows 10 devices do not have a compliance policy set......yet however I am seeing a mixture of machines where it reports its compliance as success however when I dig into the policy settings I am seeing: 

 

Enrolled user exists - Compliant

Has a compliance policy assigned - Error - 65001 (Not applicable) Error code 0xfde9.

Is active - Compliant 

 

The error is picking up a default device compliance policy. Is there anyway this can be ignored or removed?

 

2. The customer is also using Defender Security centre and are leveraging the Threat and Vulnerability dashboard which reports the state of security patching for Windows, Office, IE, Edge across the estate. The customer is using Windows update for business to manage this however we are finding it's taking a long time for data to be refreshed in Defender ATP for example if the latest quality update has been applied. Intune is stating it has been installed but this isn't being reflected in DATP. Is this expected?

 

Many Thanks

R

 

 

 

Resources