No automatic MDE.Windows installation anymore

We have an Azure subscription to which our on-premises servers are connected via Azure Arc. Actually, only Microsoft Defender for Servers Plan 1 should be used. However, ‘Plan 2’ is billed in the cost analyses, which leads to significantly higher costs than planned. I´ve fixed it but it lead to the Problem of not installing MDE.Windows anymore.

The servers are connected to Azure by executing a script, after which some plugins are installed(MDE.Windows, MicrosoftMonitoringAgent, and on some servers "WindowsPatchExtension"). In the environment management of Defender for Cloud we have explicitly selected plan 1, despite this plan 2 is activated for each server. There is no Log-Workspace.

Here are the Policies, i think they go automaticly created by Azure.

I´ve deleted "ASC provisioning LA agent Windows Arc" and the linux one because this is deploying the two Extensions "MicrosoftMonitoringAgent" and "WindowsPatchExtension", which activate Plan 2. After deleting those to Extensions i should not get billed as Plan 2 anymore.

My Problem is now that i don´t have the policy to install the MDE Plugin anymore.

How do i get this working again, i need to install only the MDE Plugin on the computers to ensure we only use Plan 1. No other extensions, no Log-Workspace...

Appreciate the help.