Forum Discussion
Change MDM Authority from MDE to MEM
Hi jrfre! I have to admit, I haven't actually done this yest myself. But let's walk through the theory first.
MDE offboarding is instant, you don't have to wait 7 days. That's just how long the Defender portal will allow an endpoint to stop sending telemetry before marking it 'inactive'. The MDE agent simply detaches itself from the tenant.
If you then enroll it in Intune, the MDM channel should be switched over. Assuming you've configured something to onboard the endpoint in MDE again in Intune, so that'll be restored as well.
I'd be happy to test it out for you, but am not in a position to do that before monday. Let me know if you need any more help!
Hi jrfre! I have to admit, I haven't actually done this yest myself. But let's walk through the theory first.
MDE offboarding is instant, you don't have to wait 7 days. That's just how long the Defender portal will allow an endpoint to stop sending telemetry before marking it 'inactive'. The MDE agent simply detaches itself from the tenant.
If you then enroll it in Intune, the MDM channel should be switched over. Assuming you've configured something to onboard the endpoint in MDE again in Intune, so that'll be restored as well.
I'd be happy to test it out for you, but am not in a position to do that before monday. Let me know if you need any more help!
- Hi NielsScheffers
Thanks for the reply. After posting I realized that the 7 day wait for MDE to process the offboarding was incorrect. Once offboarded from there, enroll devices into MEM, and further to MDE so that the authority is MEM and enforced by MDE.
Ta-da!
Thanks for the help 🙂
