Forum Discussion
Devices stuck in Passive Mode
Hello. We recently have switched over to Defender for Endpoint as our primary anti-virus. We were exploring ASR rules when we realized that a large number of our endpoints were not being put into a...
Is Defender available a provider in Security Center? Do you have this registry configured by any chance?
HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender, DisableAntiSpyware=1
HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender, DisableAntiSpyware=1
I think we discovered the problem. We are currently Co-Managed between SCCM and Intune. We were using SCCM for the Onboarding piece of Defender but some time ago we chose to set Intune as the primary manager of Endpoint Protection. Our guess is that this was causing some kind of conflict because the devices were looking to SCCM for their policy (and were showing as Onboarded) but they should have been onboarded via Intune. We did a test by offboarding a few devices, then re-Onboarding them with Intune and those devices are no longer stuck in Passive Mode.
We are working on doing a larger scale offboard then re-onboard now to confirm the fix.
We are working on doing a larger scale offboard then re-onboard now to confirm the fix.