Feb 02 2023 10:09 PM
We have onboarded Windows 10/11 endpoints to MDE. Devices are managed by SCCM and onboarded to MDE using SCCM; however, we are trying to push AV, EDR and ASR policies from the Endpoint portal to utilize the MDE security management capability. AV and EDR policies were applied to the devices; however, ASR policies are showing "Not Applicable".
We checked further and found "Microsoft Defender for Endpoint: Push ASR rules with Security Settings Management on managed devices", but this does not talk about devices which are managed by SCCM. Hence, I wanted to ask community members whether it is not possible to push ASR policies via the Endpoint portal when devices are managed by SCCM.
Feb 02 2023 11:03 PM
@KashifKloudy how are you assigning the policies? I believe for this feature to work one needs a dedicated Azure AD group with relevant tagging on the devices. Any reason why co-management is not being used?
Feb 02 2023 11:11 PM
Feb 02 2023 11:24 PM
Feb 03 2023 12:13 AM
Windows 10 Pro and Windows 11 devices are in the pilot, which are supported as per the prerequisites for MDE. We plan to onboard 6k+ devices to MDE; however, the ASR policy is currently a blocker.