My predecessor deployed Microsoft Defender to our macOS devices before deploying the configuration profiles, resulting in many of them not have any content in the device timeline in Security Center https://securitycenter.windows.com/machines and in the terminal command run locally on the computers mdatp --health returning realTimeProtectionAvailable : false realTimeProtectionEnabled : false
How can I identify the computers that aren't configured correctly, and fix them?
Perhaps a macOS script that evaluates the MS Defender health of a device's install, logs it, and if there's a problem, deletes Defender from the computer ? sudo rm -rf /Applications/Microsoft\ Defender\ http://ATP.app
Then Intune would automatically reinstall the "required" Defender app, which would now work properly because the prerequisite config profiles are now present at install.
And, it'd be nice to know if there's proactive monitoring in Security Center letting me know that there's a config problem with a macOS connected device, besides having to run this command locally on every computer mdatp --health and checking for realTimeProtectionAvailable : false realTimeProtectionEnabled : false