Join us June 17–18 for a deep dive into Copilot Control System—live expert-led sessions and Q&A on data security, agent lifecycle, adoption, and more! Learn more >

Forum Discussion

somedude1020

Copper Contributor

Dec 28, 2023

Tamper Protection Disabled - This settings is managed by your administrator

After changing Antivirus (SentinelOne has been uninstalled) to using only Microsoft Defender with Huntress half of my devices have tamper protection disabled. I cannot enable it via the Security app...

rahuljindal-MVP

Bronze Contributor

Dec 28, 2023

This has got me intrigued. So the rsop is showing not configured against all Defender settings?

somedude1020

Copper Contributor

Dec 28, 2023

correct

rahuljindal-MVP
Bronze Contributor
Dec 28, 2023
Is this applicable to you? https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/manage-tamper-protection-microsoft-365-defender?view=o365-worldwide
- somedude1020
  Copper Contributor
  Dec 28, 2023
  We have a 365 Tenant, but we are not using Intune, Defender Portal. All my users are Office E3. We use Office\Sharepoint\Onedrive for the most part.
  - rahuljindal-MVP
    Bronze Contributor
    Dec 28, 2023
    I have got some more questions -
    1.The devices where Tamper protection is enabled, are they also showing as administratively managed?
    2. What is different between these devices?
    3. Is sentinelone removed all the way on devices in question?
    4. Are there any sentinelone policies that may still be applicable on the devices in question?
    
    If you have already checked for all the above already, then I guess opening a support case with Sentinelone and\or Microsoft will be the next logical step.