Onboard domain computers by GPO deployment. Policies created in Defender Portal are not deployed


Hi

I onboarded computers using Group Policy deployment and set the additional GPO settings described in this document: Onboard Windows devices to Microsoft Defender for Endpoint via Group Policy - Microsoft Defender for...


Then I created Endpoint Security Policies in the Defender Portal and assigned them to the All Users and All Computers groups. I see that these policies are not deployed to the computers. The "Policy sync" option in the computer menu is greyed out (disabled). I don't know why.

Perhaps if I set additional Defender settings by GPO, it means that I cannot use Endpoint Security Policies in the Defender Portal? We don't use Intune or MDM. We have only a Defender for Endpoint P1 licence and synchronization of domain user and computer accounts with Microsoft Entra.


Thank you for help

Tomasz


Have you enabled the MDE connector with Intune? Also, if the devices are not enrolled in Intune then you are looking at enabling the security configuration management feature. Have you done that?

Hi,
I didn't enable the MDE connector with Intune because we don't have Intune licences. Is Intune necessary to configure the Defender environment?

Apologies, I misread endpoint security profiles as being used with Intune. If you are using the profiles in Defender then it is not necessary to connect with Intune. Are the devices reporting onboarded with their sensors active? Have you tried assignments against Defender device groups?

Have you tried assignments against Defender device groups? - How? I created a Device Group using the Defender portal, but when I want to assign the group to a rule I see only Azure domain groups and the "All Users" and "All Computers" default groups. I cannot use Defender Device Groups. All computers have status Active:

- Configuration: updated (green mark)
- Real time protection/RTP: Enabled (green mark)
- Behavior monitoring/BM: Enabled (green mark)

So connection between Defender and computers is working.
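The device state the last reply reads from the portal (Active, configuration updated, RTP and BM enabled) can be cross-checked on the computer itself. The PowerShell below is an added example, not code from the thread or from Microsoft; it assumes a domain computer onboarded with the standard GPO onboarding package and reads the documented OnboardingState registry value, the state of the Sense sensor service, and the Defender AV status from Get-MpComputerStatus. It does not diagnose the greyed-out "Policy sync" option; it only confirms whether the sensor and AV state on the endpoint agree with what the portal shows.

```powershell
# Added example: local verification of MDE onboarding and Defender AV state.
# Run in an elevated PowerShell on a domain-joined computer onboarded by GPO.
# Assumption: the device was onboarded with the standard MDE onboarding package.

function Get-MdeLocalStatus {
    # OnboardingState becomes 1 once the onboarding package has completed on the device
    $statusKey = 'HKLM:\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status'
    $onboardingState = (Get-ItemProperty -Path $statusKey -Name OnboardingState -ErrorAction SilentlyContinue).OnboardingState

    # The Sense service is the MDE EDR sensor; it should be Running on an onboarded device
    $sense = Get-Service -Name Sense -ErrorAction SilentlyContinue

    # Defender AV status; RTP and Behavior monitoring correspond to the portal columns quoted above
    $mp = Get-MpComputerStatus

    [pscustomobject]@{
        ComputerName         = $env:COMPUTERNAME
        OnboardingState      = $onboardingState                                   # expect 1
        SenseService         = if ($sense) { $sense.Status } else { 'NotInstalled' } # expect Running
        AMRunningMode        = $mp.AMRunningMode                                  # 'Normal', or 'Passive Mode' if another AV is primary
        RealTimeProtection   = $mp.RealTimeProtectionEnabled
        BehaviorMonitoring   = $mp.BehaviorMonitorEnabled
        SignatureLastUpdated = $mp.AntivirusSignatureLastUpdated
    }
}

$status = Get-MdeLocalStatus
$status | Format-List

# Flag anything that disagrees with the portal's "Active / RTP Enabled / BM Enabled" view
$problems = @()
if ($status.OnboardingState -ne 1)      { $problems += 'Device is not onboarded (OnboardingState is not 1)' }
if ($status.SenseService -ne 'Running') { $problems += 'Sense service is not running' }
if (-not $status.RealTimeProtection)    { $problems += 'Real-time protection is disabled' }
if (-not $status.BehaviorMonitoring)    { $problems += 'Behavior monitoring is disabled' }

if ($problems) {
    $problems | ForEach-Object { Write-Warning $_ }
} else {
    Write-Host 'Local Defender state matches the portal view.'
}
```

Running this on a few of the affected computers separates two cases: if the sensor and AV state are healthy locally, the missing policies are a portal-side assignment or management-channel issue rather than a connectivity one; if OnboardingState or the Sense service is wrong on the endpoint, the GPO onboarding itself should be revisited first.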