Sep 26 2024 12:00 AM
I have a problem with creating Endpoint Security Policies (Windows policies, Mac policies, Linux policies)
License is Microsoft Defender for Endpoint P2 for EDU.
Sep 27 2024 05:13 AM
Sep 29 2024 11:56 PM
I have a global administrator, a security administrator and an intune administrator.
I can't create one because I don't have access.
Do I need an intune licence to create security policies?
https://learn.microsoft.com/en-us/mem/intune/fundamentals/unlicensed-admins
I want to enable unlicensed admin, but I have unauthorised access.
I have written to support but I don't get a real answer. They say I need to have minimum F1 licence.
In all the documentation I have read, there is no mention of an intune licence to create security policies for endpoints.
Sep 30 2024 12:13 AM
Sep 30 2024 12:44 AM
If i go to Intune > Devices > All devices i got error below.
I don't have any license in tenant that include Intune.
If i'm correct i don't need any license to acces to Endpoint security in intune.
Sep 30 2024 01:01 AM
Yes, you will need an Intune license for accessing the Endpoint Security node (https://learn.microsoft.com/en-us/mem/intune/protect/endpoint-security#role-based-access-control-req...).
What's the background/idea on onboarding your devices to MDE and managing policies? Were you planning on doing both with Intune or did you want to go the MDE attach route (security config management)?
Sep 30 2024 02:19 AM
Sep 30 2024 02:22 AM
Sep 30 2024 02:34 AM
@am1357 Devices are hybrid azure ad joined with GPO onboard to MDE.
Sep 30 2024 03:06 AM - edited Sep 30 2024 03:12 AM
Sound like you want to go the MDE Attach route (https://learn.microsoft.com/en-us/mem/intune/protect/mde-security-integration).
An Intune license assigned to your admin will make is easier but the following option should work:
If you haven't done yet, you'll also need to enable MDE attach (= security config management) for your device groups under Defender XDR > Settings > Endpoints > Enforcement Scope
Also ensure that you have the connector enabled for this to work in Intune (https://learn.microsoft.com/en-us/mem/intune/protect/mde-security-integration#configure-your-tenant-...)