Edit Policy Permission Issue in MDE Portal

Question

Dear All, &nbsp;We are facing an issue with permission assignments in the MDE portal. &nbsp;We assigned the following permissions to the account (e.g., email address removed for privacy reasons): &nbsp;- MDE Portal: Under Settings &gt; Endpoints &gt; Permissions &gt; Roles, we added a role with all permissions except Live Response. &nbsp;- Intune: Assigned the Read Only Operator role. &nbsp;However, when logging in with this account, it cannot save policies such as ASR and Antivirus policies. The following error appears: &nbsp;"Access needed: You don’t have the right permissions in Intune to create/edit this information. To adjust your permissions, go to the Intune portal." &nbsp;Could someone advise on the required permissions to enable policy creation/editing? &nbsp;Thanks.

drivesafely · Answer

Hello All,After testing different permissions, i was able to give right to edit the policies by creating custom role with permissions - 'Attack Surface Reduction' and 'Security baselines'.

saulov8 · Answer

Have you tried assign more Intune permissions to the account? When MDE is integrated with Intune, endpoint security policies are managed in Intune. These policies are configured in the Intune admin center and enforced via MDE, meaning you need more Intune permissions than Read Only Operator to create them.

drivesafely · Answer

Hello saulov8&nbsp;Thanks for your response.I've created an Intune custom role with permissions for ASR, and the user can now edit/create ASR policies. Could you confirm which permissions are needed for other policies like Antivirus, Windows Security Experience, etc.?Thanks

saulov8 · Answer

Maybe try the Endpoint Security Manager role

drivesafely · Answer

Hello saulov8&nbsp;I have tested the Endpoint Security Manager role, and while it functions as expected, it also grants additional permissions beyond what we require, which is not ideal.Thanks.

Forum Discussion

Edit Policy Permission Issue in MDE Portal

7 Replies