Forum Discussion
Intune Connection Issues in Defender for Endpoint
We have M365 E5 across the board, which includes Defender for Endpoint P2. We're planning to enable Intune-MDE integration but are getting this warning: "A Microsoft Intune license was not found".
Despite that message, I can still enable it (toggling the switch is allowed) and then the connection appears to be established.
But more importantly, when it comes to the functionality, I can't create an "Auto from connector" EDR policy from Intune, which could be due to the above glitch?
The "Create from Preconfigured Policy" option is also greyed out.
A custom policy also doesn't have the "Auto from connector" option to onboard devices.
Has anyone seen this?
Any inputs are highly appreciated!
Thank you
Kev
Curious_Kevin16 Had the exact issue until yesterday. The Microsoft article is not up to date and below is what you need to do.
1. Create a new EDR Policy, use the "Onboard" option, as "Auto from connector" is now deprecated by Microsoft.
2. For the device key, navigate to Defender portal --> Settings --> Endpoint --> Select following and download the package.
3. Open the zip file and copy the code; this is a lengthy text which you have to copy.
4. Paste the key in the field "Onboarding (device)".
5. Onboarding will not occur through the connector and this is the new look of the automatic onboarding.
Hope that helps.
5 Replies
- Curious_Kevin16 (Iron Contributor)
Worked like a charm. I'm guessing the stats will take some time to reflect the onboarding progress.
Thank you so much manojviduranga for this!!
- Bogdan_Guinea (Iron Contributor)
Based on the information you’ve already provided — that the licensing, rights, and prerequisites have been checked — I recommend rechecking or proceeding as follows:
- Licensing, Rights, and Prerequisites
  Ensure that all licensing, rights, and prerequisites are correctly configured.
- Create the Service-to-Service Connection
  In the Defender portal, go to Endpoints → Microsoft Intune Connection, and set the connection to On.
- Check the Connection Status in Intune
  From your screenshots, the current status appears as Available. After some time, it should change to Enabled, or after you make a change and Save that under Intune | Endpoint Security | Microsoft Defender for Endpoint.
- Verify or Adjust the Configuration
  Go to Endpoint Security → Microsoft Defender for Endpoint in Intune.
  - Enable: Connect Windows devices version 10.0.15063 and above to Microsoft Defender for Endpoint
  - If your devices are not enrolled in Intune, turn On the option Allow Microsoft Defender for Endpoint to enforce Endpoint Security Configurations.
  - Make further Configuration as you need.
- Check the Onboarding Status
  Navigate to Endpoint Security → Endpoint Detection and Response → EDR Onboarding Status.
  Note: You need to have devices managed by Intune to see them listed here.
- Create an EDR Policy to Onboard Windows Devices
  Create an Endpoint Detection and Response (EDR) policy to onboard your Windows devices.
  Note: You must have devices managed by Intune to see them listed here.
- Deploy the EDR Policy to Onboard Windows Devices
  - Method 1: Under EDR Onboarding Status, click Deploy preconfigured policy.
  - Method 2 (commonly used): Go to Endpoint Security → Endpoint Detection and Response → Create Policy.
    The Onboarding blob from Connector field should be automatically populated.
- Additional Checks
  Review related configurations and verify that all integrations between Intune and Microsoft Defender for Endpoint are properly synchronized.
https://learn.microsoft.com/en-us/defender-endpoint/onboarding?source=recommendations
https://learn.microsoft.com/en-us/defender-endpoint/configure-device-connectivity#prerequisites
See this Video also:
https://www.youtube.com/watch?v=z3e9gSBNCJE
Good luck!
- KevinVanover (Copper Contributor)
Ensure that the account you are logged into is assigned an E5 License. Verify that Intune is set as the MDM authority in Intune --> Tenant Administration --> Tenant Status
- Curious_Kevin16 (Iron Contributor)
Thanks for the response KevinVanover
1. License was already assigned (although this shouldn't be the case) to my logged in acc.
2. Yes - Tenant status shows Intune as MDM Authority.