Forum Discussion
I have a query on cloud servers can be best managed by Intune / SCCM?
Are the services reporting onboarded in Defender? If yes, then what is the AV status? Also, what is the OS of the servers and how are you assigning the policies? How have you created the Entra ID group? Another requirement is Defender for Servers licensing, however this is mostly for compliance purposes. You should still be able onboarding and manage the servers for MDE policies using Intune. I have implemented the solution for a number of customers so let me know if you have any questions.
Servers are onboarded to Defender, and then tagged with the 'MDE-Management' tag. After being tagged, they then show up in Intune as 'managed by MDE'. So following the doc, https://learn.microsoft.com/en-us/mem/intune/protect/mde-security-integration, it all aligns up until the point where you target an AV or ASR policy to an Entra ID group that contains the Servers.
No errors in the policy assignment report in Intune, it doesn't get listed at all, as if it were never targeted.
Running the "MDE Client Analyzer" tool locally on the server, it does provide an error describing exactly what i am experiencing. But there is no detail as to why the assignment failed. Below is a snip from the analyzer report.
Please provide the snippet of the actual error. If the MDE connection analyser is throwing errors then you maybe missing some pre-requisites.