Forum Discussion
Microsoft Defender for Endpoint policy assignment
Hey guys,
It was my understanding that you can assign Defender policies (Antivirus, EDR, ASR) to both users or devices. A coworker mentioned that you should never assign Defender policies to users because Defender targets devices and if you assign users it can create problems with duplicates, service accounts, bitlocker and some other things.
I'm confused now, any feedback you can provide would me much appreciated. When doing defender deployments some customers give me users for the pilot not devices, for example they want to test with the IT department first and they send me a list of users, so I assign the users to a pilot group, if we are deploying servers to then I create a server group and add the servers for the pilot and assign the group to the policies as well.
Thank you.