Tamper Protection managed by administrator and OFF - cannot be enabled manually when joined on-prem

%3CLINGO-SUB%20id%3D%22lingo-sub-1112500%22%20slang%3D%22en-US%22%3ETamper%20Protection%20managed%20by%20administrator%20and%20OFF%20-%20cannot%20be%20enabled%20manually%20when%20joined%20on-prem%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1112500%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20all%2C%3C%2FP%3E%3CP%3EWe%20are%20currently%20only%20managing%20Microsoft%20Defender%20ATP%20via%20Group%20Policy%20and%20there%20is%20no%20GPO%20for%20tamper%20protection.%20But%20we%20cannot%20enable%20it%20manually%20either-.%20%22This%20setting%20is%20managed%20by%20your%20administrator%22%20and%20set%20tamper%20protection%20to%20OFF.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhen%20deploying%20a%20new%20Windows%2010%20I%20can%20enable%20it%20manually.%20When%20joining%20the%20computer%20to%20on-prem%20AD%20and%20GPO%20for%20Windows%20Defender%20ATP%20hits%2C%20temper%20protection%20is%20turned%20off%20and%20you%20cannot%20change%20it.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20this%20by%20design%20or%20is%20there%20a%20GPO%20setting%20interfering%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F165630iDEF2BABE3CAB6A37%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_0.png%22%20title%3D%22clipboard_image_0.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1112500%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EGroup%20Policy%20Object%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMDATP%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ETamper%20Protection%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1125935%22%20slang%3D%22en-US%22%3ERe%3A%20Tamper%20Protection%20managed%20by%20administrator%20and%20OFF%20-%20cannot%20be%20enabled%20manually%20when%20joined%20on-p%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1125935%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F134719%22%20target%3D%22_blank%22%3E%40Bj%C3%B6rn%20Lagerwall%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECurrently%20the%20only%20way%20to%20manage%20temper%20protection%20is%20through%20intune%2C%20more%20details%20here.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fsecurity%2Fthreat-protection%2Fwindows-defender-antivirus%2Fprevent-changes-to-security-settings-with-tamper-protection%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fsecurity%2Fthreat-protection%2Fwindows-defender-antivirus%2Fprevent-changes-to-security-settings-with-tamper-protection%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Contributor

Hi all,

We are currently only managing Microsoft Defender ATP via Group Policy and there is no GPO for tamper protection. But we cannot enable it manually either-. "This setting is managed by your administrator" and set tamper protection to OFF.

 

When deploying a new Windows 10 I can enable it manually. When joining the computer to on-prem AD and GPO for Windows Defender ATP hits, temper protection is turned off and you cannot change it.

 

Is this by design or is there a GPO setting interfering?

 

Thanks!

 

clipboard_image_0.png

1 Reply
Highlighted