Jan 22 2020 04:46 AM - edited Jan 22 2020 04:57 AM
I have ~1000 PC managed by sccm and onboarded in ATP.
Upgrading to 1903 PC starts to have 'Impaired communications' state.
Pcs have the same hardware and same software, and are configured in equivalent way.
The strange is that not all 1909 are in 'Impaired communications'. a little percentage are 'active'.
already tested with https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/fix-unhea...
I use the proxy way, and no problem with test.
What could I try?
thanks,
Paolo
Jan 22 2020 09:27 AM
Hi @Braguzz
did you check affected clients "sense" event log already?
can you confirm messages on the affected clients like:
Contacted server 8 times, all succeeded, URI: https://winatp-gw-weu.microsoft.com/.
Jan 22 2020 11:41 PM
Sometimes log says:
Server contacted 6 times; all failed operations, URI: https://winatp-gw-weu.microsoft.com/. Last HTTP error code: 0
sometimes (same machine) it says:
Server contacted 7 times; operation failed 6 times and completed 1 times. URI: https://winatp-gw-weu.microsoft.com/. Last HTTP error code: 0
I also have some other 'Infomation log' including:
The network connection is identified as normal. Windows Defender Advanced Threat Protection will contact the server every 300 seconds. Consumption connection: false, Internet available: true, free network available: true, the proxy is defined by GP: true.
but WHY only 1903 and 1909???
(in 1809 no errors in 'sense' logs)
Jan 04 2021 03:58 PM
@Braguzz Hi there Did you ever find resolution to this problem?
May 24 2021 04:26 AM
Dec 22 2021 12:00 AM
Oct 11 2023 05:53 AM
Hi you any solution for this issue we tried all things but still face this issue for 2019 servers.