Tempest62
Copper Contributor
Nov 26, 2023

Tamper Protection deployment to Windows Server through Intune not working

I'm encountering this error when I try to push Tamper Protection to some Windows Server 2019/2022 machines through Intune:

I note from the table here this feature isn't yet fully supported; however, this guide suggests it is possible.

Can somebody please clarify what the correct state of play is, and how soon customers can expect deployment from Intune to start working?

Thanks.

  • LeonPavesic
    Silver Contributor

    Hi Tempest62,

    Microsoft Intune allows organizations to manage Tamper Protection, even extending its reach to Windows Server deployments. To implement Tamper Protection on Windows Server through Intune, follow these steps:

    1. Navigate to the Intune admin center, proceed to Endpoint security > Antivirus, and click on + Create Policy.
    2. Select Windows 10, Windows 11, and Windows Server in the Platform list.
    3. Choose Windows Security experience in the Profile list.
    4. Create a profile with the setting: TamperProtection (Device): On.
    5. Configure additional options for your policy.
    6. Deploy the policy to your devices.

    However, encountering deployment issues on Windows Server 2019/2022 may result from various factors. Notably, Configuration Manager version 2006, with tenant attach, extends Tamper Protection to Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, and Windows Server 2022.

    For the latest information on deployment challenges and resolutions, it is recommended to refer to official Microsoft documentation or contact Microsoft support.

    Manage tamper protection for your organization using Microsoft Intune | Microsoft Learn

    Frequently asked questions (FAQs) about tamper protection | Microsoft Learn

    Windows Defender tamper protection management in Microsoft Intune - Microsoft Community Hub

    Please click Mark as Best Response & Like if my post helped you to solve your issue.
    This will help others to find the correct solution easily. It also closes the item.


    If the post was useful in other ways, please consider giving it a Like.


    Kindest regards,


    Leon Pavesic
    (LinkedIn)

    • Tempest62
      Copper Contributor
      Thanks for your reply, Leon. The steps you've laid out (1–6) are what I have done and what then results in the error shown in my initial post.

      I do not use Config Manager, have not configured Tenant Attach, so the problem is unique to Windows Security Experience and something Microsoft need to solve.
  • rahuljindal-MVP
    Bronze Contributor

    I experienced similar behaviour when enrolling the servers in Intune through security settings management feature. I ended up enabling Tamper protection at the tenant level in Defender.

    • Tempest62
      Copper Contributor
      Thanks for your reply and the reminder about enabling TP at tenant level. I had done this some time ago and now realise what I'd been looking at on my test machines was the wrong configuration. A Kusto query for TP across all inventory confirms I have the correct settings in place.
