Oct 12 2022 05:59 AM
Hello folks,
A common or not so common question :thinking_face:
Is it mandatory for a device to be 'Azure AD Joined' in order to be on-boarded to MDE?
I am using 'Configuration Profile' to deploy the MDE agent on the devices.
The device which is Azure AD Joined appears on the device list, although the one which is Azure AD registered doesn't.
Although both the devices appear in the 'Success' section of the Configuration profile.
Please share your insights!
Oct 12 2022 11:19 AM
Oct 13 2022 05:50 AM - edited Oct 13 2022 05:54 AM
Actually, I realized today that it's not even about 'Joined' or 'Registered'. I managed to get the device Azure AD joined, still can't see it in MDE. I can fully manage the device from Intune apart from 'Updating the intelligence' (not sure why). I tried deploying the onboarding agent through the EDR policy as well and it shows 'Success' there, but no idea why the device won't appear in MDE. Ran the MDE client analyzer as well, all good there.
Oct 13 2022 06:39 AM
Oct 14 2022 02:48 AM
@Jonhed Yes, mate. I got to know the status of SENSE from the client analyzer and the logs didn't have any 'Error' entry. I used both configuration profile with the MDE template and then an EDR policy as well. These were at separate times to avoid any conflicts.
Oct 14 2022 05:42 AM
Oct 14 2022 11:33 PM
Oct 16 2022 07:49 AM - edited Oct 16 2022 07:55 AM
This really sounds like a weird situation, since the SENSE service running means it is onboarded to something.
Are you assigning the policies to devices in Intune, or users?
Is the registered device running a supported edition of Win10/Win11 (Pro, Education, Enterprise Edition)?
Also real long-shot question, but did you check to make sure that the MDE organization ID on the device matches your M365D tenant?
Not that there would be a reason for this being different, especially if you are using the same policies for both the Azure AD Joined device and the Registered device.
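
The checks raised in this thread (SENSE service state, Azure AD joined versus registered, Windows edition, and the organization ID the device was onboarded to) can be collected locally in one pass. This is an added example, not code posted by anyone in the thread; `$ExpectedOrgId` is a placeholder you fill in with your own tenant's organization ID, and the script assumes an elevated PowerShell session on the affected device.

```powershell
# Added example: local MDE onboarding check for one device.
param(
    # Placeholder (assumption): your tenant's MDE organization ID from the portal.
    [string]$ExpectedOrgId = '<your-tenant-org-id>'
)

# Registry key where the sensor records its onboarding state and tenant.
$statusKey = 'HKLM:\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status'

# SENSE is the MDE sensor service; absent or stopped means no telemetry is sent.
$sense  = Get-Service -Name Sense -ErrorAction SilentlyContinue
# OnboardingState = 1 means an onboarding package was applied; OrgId is its tenant.
$status = Get-ItemProperty -Path $statusKey -ErrorAction SilentlyContinue

# dsregcmd reports AzureAdJoined (joined) and WorkplaceJoined (registered,
# evaluated for the currently signed-in user).
$dsreg = @{}
foreach ($line in (dsregcmd.exe /status)) {
    if ($line -match '^\s*(AzureAdJoined|WorkplaceJoined)\s*:\s*(\S+)') {
        $dsreg[$Matches[1]] = $Matches[2]
    }
}

$os = Get-CimInstance -ClassName Win32_OperatingSystem

$result = [pscustomobject]@{
    SenseService     = if ($sense) { [string]$sense.Status } else { 'NotInstalled' }
    OnboardingState  = $status.OnboardingState
    DeviceOrgId      = $status.OrgId
    OrgIdMatches     = ($status.OrgId -eq $ExpectedOrgId)
    AzureAdJoined    = $dsreg['AzureAdJoined']
    WorkplaceJoined  = $dsreg['WorkplaceJoined']
    OsCaption        = $os.Caption
    # Editions named in the thread: Pro, Education, Enterprise.
    EditionSupported = ($os.Caption -match '\b(Pro|Education|Enterprise)\b')
}
$result | Format-List

# A running sensor that reports to a different organization ID explains a device
# that shows 'Success' in Intune but never appears in your own device list.
if ($result.SenseService -eq 'Running' -and -not $result.OrgIdMatches) {
    Write-Warning "SENSE is running but OrgId '$($result.DeviceOrgId)' does not match the expected tenant."
}
```

Running it on both the joined device that appears in MDE and the one that does not gives a side-by-side view of which of these values differs.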