Forum Discussion
Error when enrolling Windows into Endpoint Protection with Intune
Hey!
We're currently trying endpoint protection with Intune. I managed to get macOS with Endpoint Protection configured and enrolled iOS devices as well, but am struggling with Windows.
I have followed this guide: https://docs.microsoft.com/en-us/mem/intune/protect/advanced-threat-protection-configure
In Windows Company Portal I get the error that I need to enrol the device with Endpoint Manager, and in admin centre the devices are marked as non-compliant with this failing "Require the device to be at or under the machine risk score:". The risk score is on Medium. The policy is assigned to all users.
In endpoint protection setup in the admin panel, it gives me this error: "The Microsoft Defender for Endpoint connector is active for Windows but not included in an assigned compliance policy. To protect these platforms, click here to set up a compliance policy with the Machine Risk Score setting configured in the Microsoft Defender for Endpoint section."
This makes no sense to me, as it is set and assigned to all users. Does anybody have an idea?
- shehanjp (Iron Contributor)
Hi,
If I get the issue right, this is related to device compliance, and the desired level you chose when you set it up was Medium.
Ideally the machine needs to be at or under Medium to be "Compliant".
Is there any particular reason why you applied the policy to "All Users" but not to a Device Group or "All Devices"?
Cheers!
- dougjohnsonme (Copper Contributor)