Need some help implementing Defender for Endpoints

Copper Contributor

Hi Everyone,


I'm working on implementing Defender for Endpoints for our servers (2012r2, 2016 & 2019) currently. I'm needing some help on the steps required to get it working. For reference, this is what I've done:


- Hybrid environment, however I've noticed that only users are syncing via Azure AD Connect and hybrid Azure AD join isn't configured.

- I've turned the preview settings, etc on for Defender for Endpoints in Intune and the Defender portal.

- I have onboarded some of the servers and they appear in the Defender portal with their details, but do not show in Intune (I take it they should appear here so I can assign Defender config settings)?

- There is an LDAP API error on the servers in the Defender portal - I'm thinking this is due to them not being in Azure AD?


Is the solution as simple as configure computer sync/Azure AD hybrid join? I'm just wanting the servers to get the Defender for Endpoints settings and not be managed by Intune if possible.


Thank you for any assistance!

2 Replies


Yes you should just need to enable the Hybrid AD join, for devices and servers.

  • Hybrid Azure Active Directory Join must be configured in your environment (either through Federation or AAD Connect Sync)
  • AAD Connect Sync must include the device objects in scope for synchronization with Azure Active Directory (when needed for join)

Next Make sure you configure the settings here, and here


Takes a While after that but the devices will start showing like this 



Are you trying to manage endpoint exclusions for servers via Intune? If you are, I feel your pain. I am trying to add exclusions to Microsoft Servers of various versions Defender settings. Outside of using a GPO, or SCCM. I can't find anything of use. All I have is this. 


Configure and validate exclusions based on extension, name, or location | Microsoft Docs


If there is a way to manage Defender Endpoint exclusions for Servers via any Defender portal I can find.