Forum Discussion
MDE onboarding issue, computer needs onboarding but show up as enrolled in Intune.
First of all, sorry if this happens to be a repost - I've done a fair bit of searching on the forums before creating this discussion.
I'm new at my workplace and I do not have any prior experience with MDE or any of the MS products in general. So please keep in mind that you might need to ELI5 some things to me.
I've spend the last couple of weeks trying to get up to speed with the different products that we use. One of my tasks is to sort out MDE and Intune.
I've taken over this position from a guy who worked on implementation for 1,5 years before I took over so there's a lot of troubleshooting which is fairly hard since I have no clue about the configurations he's been making.
My problem is that in the MDE security recommendations we currently have devices which are listed as not onboarded but shows in the Intune admin center and as managed by Intune. Below is a picture of a machine with this exact problem.
Left side: Defender for endpoint
Right side: Intune admin center
As far as I've understood from my colleagues, we're running auto enrollment through Hybrid join? where if a machine joins our local AD it gets automatically enrolled
Thanks for the help and sorry for the long post.
EDIT: Typo
Enrolling devices into Azure AD/Intune is not the same as onboarding them to MDE.
Have a look and see if you have any EDR policies configured in Intune, which might not be properly scoped. (Or if the devices in question need to be added to a group that is targeted by existing EDR policies.)
https://learn.microsoft.com/en-us/mem/intune/protect/endpoint-security-edr-policy
- JonhedSteel Contributor
Enrolling devices into Azure AD/Intune is not the same as onboarding them to MDE.
Have a look and see if you have any EDR policies configured in Intune, which might not be properly scoped. (Or if the devices in question need to be added to a group that is targeted by existing EDR policies.)
https://learn.microsoft.com/en-us/mem/intune/protect/endpoint-security-edr-policy- HiddenInTheCablesCopper ContributorThanks for the clarification. That alone can most likely save me a headache or two!