HasanHasib
Copper Contributor
Jul 12, 2023

MDE License Requirements

Hi All,

 

Just 2 quick questions:

 

(1) If 'Enterprise Mobility + Security E5' license OR 'Microsoft 365 E5' license is already assigned to a user, do we also need to assign the Microsoft Defender for Endpoint P2 license to the user to make his/her device onboarded to MDE?

 

(2) Windows 11 devices are running with Kaspersky Endpoint Security. We've successfully enabled the Co-management for these endpoints but they are not getting onboarded to MDE. Could Kaspersky be the reason and blocking the MDE onboarding? I even tried running the manual script on 3 devices (cmd says script executed successfully and device has been onboarded) but no luck... Do we need to remove the Kaspersky first?

 

Thanks in anticipation for the guidance...

 

  • HasanHasib Hi,

     

    1) M365 E5 includes the Microsoft Defender for Endpoint Plan 2, and you can double-check this from the MDE portal: Settings, Licenses.

     

    2) Are you onboarding devices through a Group Policy? And you tried to run the local script on one of the devices and it's getting blocked? No error?

    You can use the MDE analyzer to get a detailed report and check why your devices are not successfully onboarded:

    https://aka.ms/MDEAnalyzer

     

    • HasanHasib
      Copper Contributor

      Hi eliekarkafy ,

       

      Thank you very much for replying.

       

      (1) What about the 'Enterprise Mobility + Security E5' license? Does it also include the Microsoft Defender for Endpoint P2 license?


      (2) No, I'm trying to onboard devices thru Intune. Devices are being shown as Co-managed in Intune. EDR policy is in place and is applied to the appropriate group containing the targeted devices. Only 1 test device has got onboarded to MDE so far... it didn't have Kaspersky installed... Rest of the devices have Kaspersky installed and may be blocking the MDE onboarding...

       

      I'll check this MDE Analyzer tool.

       

      Thanks again...

      • eliekarkafy
        MVP

        HasanHasib 

         

        1) No, Enterprise Mobility + Security E5 only contains those features:

        Azure Active Directory Premium (AADP) P2, Azure Information Protection P2, Microsoft Cloud App Security, Azure Active Directory [AD] Identity Protection (as a feature of AADP P2), Azure Advanced Threat Protection, Azure AD Privileged Identity Management (as a feature of AADP P2).

         

        2) Try to exclude the C:\Program Files\Windows Defender Advanced Threat Protection folder from Kaspersky if it's blocking MsSense.exe from running on the devices.
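A local check for the situation discussed in this thread (the onboarding script reports success but the device never appears in MDE), added here as an example and not part of any post above. It reads the onboarding state, the sensor and telemetry services, and the sensor's own event log; the function name `Get-MdeOnboardingSummary` is hypothetical.

```powershell
# Added example: local MDE onboarding check. Run in an elevated PowerShell session.
function Get-MdeOnboardingSummary {
    $statusKey = 'HKLM:\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status'
    $senseExe  = Join-Path $env:ProgramFiles 'Windows Defender Advanced Threat Protection\MsSense.exe'

    # OnboardingState = 1 means the onboarding package was applied on this device.
    $status = Get-ItemProperty -Path $statusKey -ErrorAction SilentlyContinue
    $state  = if ($status) { $status.OnboardingState } else { $null }

    # Sense is the MDE sensor service; DiagTrack is the telemetry service it relies on.
    $sense = Get-Service -Name 'Sense'     -ErrorAction SilentlyContinue
    $diag  = Get-Service -Name 'DiagTrack' -ErrorAction SilentlyContinue

    # Most recent critical/error/warning events written by the sensor itself.
    $events = Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-SENSE/Operational'; Level = 1, 2, 3
    } -MaxEvents 5 -ErrorAction SilentlyContinue

    [pscustomobject]@{
        ComputerName      = $env:COMPUTERNAME
        OnboardingState   = $state
        SenseService      = if ($sense) { [string]$sense.Status } else { 'NotFound' }
        DiagTrackService  = if ($diag)  { [string]$diag.Status }  else { 'NotFound' }
        MsSenseExeFound   = Test-Path -LiteralPath $senseExe
        MsSenseRunning    = [bool](Get-Process -Name 'MsSense' -ErrorAction SilentlyContinue)
        RecentSenseIssues = @($events | ForEach-Object {
            '{0} [{1}] {2}' -f $_.TimeCreated, $_.Id, ($_.Message -split "`n")[0]
        })
    }
}

$summary = Get-MdeOnboardingSummary
$summary | Format-List

# The pattern described in the thread: script succeeded, sensor never starts.
if ($summary.OnboardingState -eq 1 -and $summary.SenseService -ne 'Running') {
    Write-Warning 'Onboarding was applied but the Sense service is not running.'
}
```

Comparing the output from a device with the third-party antivirus installed against the one test device that onboarded shows whether the difference is in the sensor service or earlier, in policy delivery.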