Forum Discussion

Maz007
Copper Contributor
Jan 23, 2024

Defender in Passive mode managed by ConfigMgr - Policies

We have Defender in Passive Mode enabled for a few clients that have been on-boarded to Microsoft for Defender Portal and are reporting in. We used the packages from the portal to on-board devices.

Have created an AV Policy and applied it to the devices which are a part of the group; however, the policies are not getting applied. It says "This device isnt managed".

Currently the enforcement scope "security setting management" is not turned on and the devices show as managed by Config Mgr.

Does turning on enforcement scope and turning on Endpoint Security Profile Settings in Intune and "Use MDE to enforce security configuration settings from Intune" help in applying the established AV Policies? Additionally, the on-boarded devices are part of an AD Group and tagged.

  • PJR_CDF
    Iron Contributor

    Maz007

    What OS are these devices - W10/W11/Server?

    You say you created a policy - where? In the MDE portal, or an AntiMalware policy in Config Manager, or an AV policy in Intune?

    Are these devices onboarded to Intune?
