Establish a service-to-service connection between Intune and Microsoft Defender for Endpoint

Hi,

My manager has asked me to investigate whether we can export an audit report from Intune that shows that all our devices are compliant and may include data about all recent scans run by Defender.

I am following the "Implement endpoint protection by using Microsoft Defender for Endpoint" module for this task related to Microsoft Defender Endpoint. As per the procedure mentioned in Unit 3 of this module, I should see the Endpoints option when I click on Settings in the Defender portal to enable Microsoft Defender for Endpoint in Intune.

[Screenshot]

But, I can only see this option right now:

[Screenshot]

We are using the Microsoft 365 Business Premium plan that should support Advanced Cyber Attack protection features. Kindly guide me on why I cannot see the toggle switch for the Microsoft Intune connection setting so that I can turn it ON to establish a service-to-service connection between Intune and Microsoft Defender for Endpoint.

Also, please confirm whether my organization needs any other license besides Microsoft 365 Business Premium in order to establish a service-to-service connection between Intune and Microsoft Defender for Endpoint.

[Screenshot]

4 Replies

Hey @NoorUlHassan

Do you have Security Administrator assigned to your permissions? This will give you access to Microsoft 365 Defender in full to adjust the controls in the portal.

Hi @BillClarksonAntill

Thanks for your response. I have been assigned the role of Security Administrator.

[Screenshot]

With the elevated role of Security Administrator, I can see many more options in the Microsoft Defender portal, but I still see this message on the Home page of the Microsoft Defender portal:

You don't have the required permissions to start the setup process. Please ask your global admin for help.

[Screenshot]

Can you please shed some light on how I can leverage the role of Security Administrator to establish a service-to-service connection between Intune and Microsoft Defender for Endpoint?

With the elevated role of Security Administrator, I can now see the Endpoints option when I click on Settings in the Defender portal, but as soon as I click on Endpoints, I am redirected to this message:

You don't have the required permissions to start the setup process. Please ask your global admin for help.

[Screenshot]

Hey @NoorUlHassan

From those screenshots you have provided, it looks like your Defender for Business hasn't been configured.

It might pay to reach out to one of your Global Administrators and get them to configure Defender for Business, using these steps at this link here

@BillClarksonAntill

Thanks for your assistance so far. I want to understand one point here.

This is the status I can see when I click on Threats and antivirus in the Microsoft 365 admin center. The status confirms that Defender Antivirus is working and that there are no threats on any device. Can you please confirm why we should configure Defender for Business at this point when our devices are already secured by Defender, as shown in the attached screenshot:

[Screenshot]