Need some help implementing Defender for Endpoints


Hi Everyone,


I'm working on implementing Defender for Endpoints for our servers (2012r2, 2016 & 2019) currently. I need some help on the steps required to get it working. For reference, this is what I've done:


- Hybrid environment, however I've noticed that only users are syncing via Azure AD Connect and hybrid Azure AD join isn't configured.

- I've turned the preview settings, etc. on for Defender for Endpoints in Intune and the Defender portal.

- I have onboarded some of the servers and they appear in the Defender portal with their details, but do not show in Intune (I take it they should appear here so I can assign Defender config settings)?

- There is an LDAP API error on the servers in the Defender portal - I'm thinking this is due to them not being in Azure AD?


Is the solution as simple as configuring computer sync/Azure AD hybrid join? I just want the servers to get the Defender for Endpoints settings and not be managed by Intune, if possible.


Thank you for any assistance!

2 Replies

@AusA380

Yes, you should just need to enable the Hybrid AD join for devices and servers.

  • Hybrid Azure Active Directory Join must be configured in your environment (either through Federation or AAD Connect Sync)
  • AAD Connect Sync must include the device objects in scope for synchronization with Azure Active Directory (when needed for join)

Next, make sure you configure the settings here: https://endpoint.microsoft.com/#blade/Microsoft_Intune_Workflows/SecurityManagementMenu/atp and here: https://security.microsoft.com/preferences2/configuration_management2


It takes a while after that, but the devices will start showing like this:

(screenshot not available)
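The reply above hinges on two things being true on each server: the computer object is hybrid Azure AD joined (so it has an Azure AD device identity), and the Defender for Endpoint sensor reports itself as onboarded. The script below is an added example, not part of this thread or Microsoft's own tooling; it runs locally in an elevated PowerShell session and reads `dsregcmd /status` plus the sensor's documented status registry key. It assumes the modern sensor service name `Sense`; on 2012 R2 / 2016 onboarded with the older MMA-based agent that service may not be present, so its absence is reported rather than treated as an error.

```powershell
# Added example (not from this thread): check on a server that it is hybrid Azure AD joined
# and that the Defender for Endpoint sensor is onboarded. Run elevated on the server.

function Get-HybridJoinState {
    # dsregcmd /status prints "Key : Value" lines; pull the ones that matter for hybrid join.
    $output = & dsregcmd.exe /status
    $state = @{}
    foreach ($key in 'AzureAdJoined', 'DomainJoined', 'DeviceId', 'TenantName') {
        $m = $output | Select-String -Pattern ("^\s*{0}\s*:\s*(.+)$" -f $key) | Select-Object -First 1
        $state[$key] = if ($m) { $m.Matches[0].Groups[1].Value.Trim() } else { 'N/A' }
    }
    return [pscustomobject]$state
}

function Get-MdeOnboardingState {
    # Documented status key written by the MDE sensor: OnboardingState = 1 once onboarded.
    $statusKey = 'HKLM:\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status'
    $onboarded = $false
    if (Test-Path $statusKey) {
        $value = (Get-ItemProperty -Path $statusKey -Name OnboardingState -ErrorAction SilentlyContinue).OnboardingState
        $onboarded = ($value -eq 1)
    }
    # 'Sense' is the sensor service on the modern agent (assumption: not present on legacy
    # MMA-based onboarding for 2012 R2 / 2016), so absence is informational only.
    $svc = Get-Service -Name Sense -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Onboarded    = $onboarded
        SenseService = if ($svc) { $svc.Status.ToString() } else { 'not installed' }
    }
}

$join = Get-HybridJoinState
$mde  = Get-MdeOnboardingState

# Hybrid join = domain joined AND Azure AD joined (both reported as YES by dsregcmd).
$hybridJoined = ($join.DomainJoined -eq 'YES' -and $join.AzureAdJoined -eq 'YES')

[pscustomobject]@{
    ComputerName  = $env:COMPUTERNAME
    DomainJoined  = $join.DomainJoined
    AzureAdJoined = $join.AzureAdJoined
    HybridJoined  = $hybridJoined
    AzureDeviceId = $join.DeviceId
    Tenant        = $join.TenantName
    MdeOnboarded  = $mde.Onboarded
    SenseService  = $mde.SenseService
} | Format-List

if (-not $hybridJoined) {
    Write-Warning 'Not hybrid Azure AD joined: confirm the computer object is in AAD Connect sync scope and hybrid join is configured.'
}
if (-not $mde.Onboarded) {
    Write-Warning 'MDE sensor does not report OnboardingState=1: re-run the onboarding package for this OS version.'
}
```

A server that shows `DomainJoined : YES` but `AzureAdJoined : NO` matches the symptom in the original post (visible in the Defender portal via the sensor, but no Azure AD device identity for Intune/security-settings management to bind to), which is exactly the case the hybrid join prerequisite addresses.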


Are you trying to manage endpoint exclusions for servers via Intune? If you are, I feel your pain. I am trying to add exclusions to the Defender settings of Microsoft servers of various versions. Outside of using a GPO or SCCM, I can't find anything of use. All I have is this:


Configure and validate exclusions based on extension, name, or location | Microsoft Docs


If there is a way to manage Defender Endpoint exclusions for Servers via any Defender portal I can find.
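Until a portal-driven method is in place, the exclusions in the linked article can be applied and validated locally with the Defender PowerShell module (`Add-MpPreference`, `Get-MpPreference`) and `MpCmdRun.exe -CheckExclusion`, which is the validation step that article documents. The script below is an added example, not code from this thread or from Microsoft; the paths, extension and process it excludes are constructed samples, it assumes the Defender module is present on the server (built in on 2016/2019), and it adds a hygiene review because over-broad exclusions are a common way to weaken Defender on a server without anyone noticing.

```powershell
# Added example (not from this thread): add Defender AV exclusions locally on a server,
# read back the effective list, validate with MpCmdRun, and flag risky entries.
# Requires an elevated session. GPO/SCCM-managed settings and tamper protection can override local changes.

# Constructed sample exclusions; replace with the vendor-recommended list for the workload.
$exclusions = @{
    Paths      = @('D:\AppData\Spool', 'D:\AppData\Cache\*.tmp')
    Extensions = @('vhdx')
    Processes  = @('D:\App\bin\worker.exe')   # full path, not just a file name
}

function Add-ServerExclusions {
    param([hashtable]$Spec)
    # Add-MpPreference appends to the existing lists; it does not replace them.
    if ($Spec.Paths)      { Add-MpPreference -ExclusionPath      $Spec.Paths }
    if ($Spec.Extensions) { Add-MpPreference -ExclusionExtension $Spec.Extensions }
    if ($Spec.Processes)  { Add-MpPreference -ExclusionProcess   $Spec.Processes }
}

function Get-EffectiveExclusions {
    # Get-MpPreference shows the merged result of local settings and policy.
    $pref = Get-MpPreference
    [pscustomobject]@{
        Paths      = @($pref.ExclusionPath)
        Extensions = @($pref.ExclusionExtension)
        Processes  = @($pref.ExclusionProcess)
    }
}

function Test-ExclusionHygiene {
    # Flag entries broader than a workload needs: drive roots or bare wildcards,
    # user-writable locations, executable extensions, and process exclusions given
    # as a bare name (every file with that name, anywhere, would be exempt).
    param([pscustomobject]$Effective)
    $findings = @()
    foreach ($p in $Effective.Paths) {
        if ($p -match '^[A-Za-z]:\\?$' -or $p -eq '*') { $findings += "Drive root / wildcard excluded: $p" }
        if ($p -match '^(C:\\Users\\|C:\\Windows\\Temp|C:\\ProgramData\\)') { $findings += "User-writable location excluded: $p" }
    }
    foreach ($e in $Effective.Extensions) {
        if ($e -in 'exe', 'dll', 'ps1', 'bat', 'cmd', 'vbs', 'js') { $findings += "Executable extension excluded: $e" }
    }
    foreach ($proc in $Effective.Processes) {
        if ($proc -notmatch '\\') { $findings += "Process exclusion by bare name: $proc" }
    }
    return $findings
}

Add-ServerExclusions -Spec $exclusions
$effective = Get-EffectiveExclusions
$effective | Format-List

# Validation step from the linked article: MpCmdRun reports whether a given path is excluded.
# Location assumed; on some builds the active copy lives under the Platform folder in ProgramData.
$mpCmdRun = Join-Path $env:ProgramFiles 'Windows Defender\MpCmdRun.exe'
foreach ($p in $exclusions.Paths) {
    & $mpCmdRun -CheckExclusion -path $p
}

$issues = Test-ExclusionHygiene -Effective $effective
if ($issues) { $issues | ForEach-Object { Write-Warning $_ } } else { 'No risky exclusions found.' }
```

Running `Get-EffectiveExclusions` on its own is also a cheap periodic audit: diff its output against the approved list, and treat any path or process that appears outside that list as something to investigate rather than tidy up.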