Oct 24 2023 04:38 PM
Can't enrol iOS devices into Defender for Business. Android devices are enrolling OK.
I was using the following method as specified in the URL:
Onboard devices to Microsoft Defender for Business | Microsoft Learn
1. On the device, go to the Apple App Store.
2. If you haven't already done so, download and install the Microsoft Authenticator app. Sign in, and register your device in the Microsoft Authenticator app.
3. In the Apple App Store, search for the Microsoft Defender app.
4. Sign in and install the app.
5. Agree to the terms of use to continue.
6. Allow the Microsoft Defender app to set up a VPN connection and add VPN configurations.
7. Choose whether to allow notifications (such as alerts).
Device will not onboard. Not using InTune.
The problem was - the user was not registered to our organization in the Microsoft Authenticator app. Once I enabled that it appeared in AAD and Defender admin screens.
Need to update the instructions to say that even though MS Authenticator will ask you for your business username and password when installing the app - you still need to go back into settings and click on "Device Registration" and then sign in again with your business account.
Clarification needed to help administrators.