Tamper Protection managed by administrator and OFF - cannot be enabled manually when joined on-prem


Hi all,

We are currently only managing Microsoft Defender ATP via Group Policy and there is no GPO for tamper protection. But we cannot enable it manually either: it shows "This setting is managed by your administrator" and tamper protection is set to OFF.

When deploying a new Windows 10 I can enable it manually. When joining the computer to on-prem AD and GPO for Windows Defender ATP hits, tamper protection is turned off and you cannot change it.

Is this by design or is there a GPO setting interfering?

Thanks!

13 Replies

@Björn Lagerwall I have the same problem. I am using Win10 Pro 19041.vb_release.191206-1406 and I have the same message.

I tried many ways to solve this, but I can't solve the problem.

I tried repairing my system files with dism....... and with sfc /scan.... first, disabling Defender in many ways, reactivating it again, and editing the TamperProtection DWORD to 5, but the changes are not saved, because I can't save new settings in Registry Editor when I edit the Defender registry entries. I ran antivirus programs but they can't find anything malicious on my system. The problem is permanent.

@randomenemy Same here. I got it to work under some circumstances (enabling before joining the domain), but we are hybrid-joining our machines to deploy the tamper protection policy from Intune.

@Björn Lagerwall IDK, maybe this helps too. I have a personal PC and registered Win10 Pro with my own account, but when COVID came I signed in with my Microsoft work account in the Teams app, because I wanted to speak to my colleagues in this application. When I signed in to the Teams application, the application wanted to add my work account to my personal Win10 Pro. When I looked at the account page in Win10 I saw my work account too, not only my personal Windows Live account. IDK, I thought, what if this is the problem, so I deleted my work account from the account page, and when I opened the Teams application again I allowed the program to register my work account ONLY in the Teams app. Then I looked at my account page in Win10, and I saw only my Win10 personal account. After this I restarted my machine and ................. every combo box in the Defender application is switchable now. I didn't see any yellow "contact your administrator" message in the settings pages after this. Maybe when I signed in to the Teams app and it asked me whether I wanted to add my work account to my Win10 Pro, I allowed my work account to handle my system security...... and that caused my problem. I'm not sure this is what happened, but now I'm happy. :D

Are you connected to Intune?
What if you disconnect from the Azure AD and restart your PC, are you facing the same issue?
In this case, I would advise you to report this issue through the Feedback Hub app.
I am having the same problem. Windows 10 home user here. I am the administrator but I have the same message. I've tried everything to change. I also signed into Teams which is managed by my school. Could this be related?
Go to settings => accounts => access work or school account. You should see your school account there. If you click on it and click on 'info', you will find what Intune policies might be active
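
For the check suggested above (work or school account, Intune policies), a read-only PowerShell sketch, added here as an example and not code from any poster or from Microsoft: it reports Defender's tamper protection state and its source next to the device's join state. It assumes `Get-MpComputerStatus` and `dsregcmd.exe` are available; the registry path for the TamperProtection value mentioned earlier in the thread is not given on the page and is supplied here, and the function name is hypothetical.

```powershell
# Added diagnostic sketch: read-only, changes nothing. Run in an elevated PowerShell.
function Get-TamperProtectionReport {
    # Defender's own view of the setting and of which channel last set it.
    $mp = Get-MpComputerStatus

    # The TamperProtection value named in the thread (read only here; the path
    # is not quoted on the page and is supplied for this example).
    $features = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows Defender\Features' `
        -ErrorAction SilentlyContinue

    # Parse the "Name : Value" lines of dsregcmd to see how the device is joined.
    # WorkplaceJoined covers a work or school account added to a personal PC.
    $join = @{}
    foreach ($line in (dsregcmd.exe /status)) {
        if ($line -match '^\s*(AzureAdJoined|DomainJoined|WorkplaceJoined)\s*:\s*(\S+)') {
            $join[$Matches[1]] = ($Matches[2] -eq 'YES')
        }
    }

    [pscustomobject]@{
        IsTamperProtected      = $mp.IsTamperProtected
        TamperProtectionSource = $mp.TamperProtectionSource
        RegistryValue          = $features.TamperProtection
        DomainJoined           = [bool]$join['DomainJoined']
        AzureAdJoined          = [bool]$join['AzureAdJoined']
        WorkplaceJoined        = [bool]$join['WorkplaceJoined']
    }
}

$report = Get-TamperProtectionReport
$report | Format-List

# Flag the combination the thread describes: setting off while the device is
# joined to, or registered with, an organisation.
if (-not $report.IsTamperProtected -and
    ($report.DomainJoined -or $report.AzureAdJoined -or $report.WorkplaceJoined)) {
    'Tamper Protection is off and the device has an organisational join or work account; check which management channel owns the setting.'
}
```
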
Facing the same issue, unable to turn ON Tamper Protection.

@RAVI25 

You guys may be experiencing this problem for a completely different reason than I am, but I will tell you why I think I see it on my computer. 

My secure boot keys are compromised and I have a hacker in my system that just won’t leave me alone. He has full access to all my devices, raspberry pi’s, PC’s, iPhones, androids, fire sticks etc and he uses digital certificates to work his angle in all devices so far. After figuring out he uses certificates I created a script to delete them. He tries new ways to grab hold of my computers so he can watch me do everything. It’s really creepy. I mean, really creepy. So, his new move is to disable Microsoft Windows defender and that whole side of the windows security app so he can tamper with my computer adding his malicious code and programs in it. He makes it so I can’t change any switches until he’s done with them and then I get access back. So, my reason for having tamper protection off and managed by an admin is because of my computers being fully compromised by this creepy attacker. I found this forum in my searches to remedy my situation and thought I would put it out there that you may have an attacker in your system…but also, maybe not. 

Another tip if you have a VPN. I use ExpressVPN and I like to use Google search engine. When you search google and you’re met with a ‘our systems have detected unusual traffic from your network’ screen with ‘I’m not a robot’ checkbox then you might be compromised. I have been battling the attacker for months and know that he logs all my traffic through the VPN info that he steals from my devices. Long story I won’t get into, but keep this in mind if this happens to you. 

Lastly, the attacker uses Microsoft Teams to watch everything I do. He will install it and hide every trace of it from you so you’re none the wiser. If you get any exclamation points on your Windows security app, especially the account one, then be aware that you may be being watched. If your sync settings are missing any switches, mainly the ‘theme’ one, that’s a problem. Anyway, I could talk for hours on what I know as being a victim. 

Be careful out there. Antivirus and malware programs are not very effective or effective at all for these attacks. 

@Rocknroll895 I think I have the same issue. What did you do about it?

@Malix_off Tamper protection can be enabled within the Microsoft 365 Defender portal if you are using the E3 / E5 suite of security products.

Within the portal if you head to settings > advanced features > Tamper Protection

@BillClarksonAntill thanks!
Actually I only use Windows 11 Home, in which I am the only administrator