SOLVED

Defender for Endpoint Onboarding Profile Conflicts

Copper Contributor

I have the problem that some newly installed clients do not onboard in Defender. The onboarding is done via Intune. For this purpose, a device configuration profile was created and set in the Intune Defender settings under the EDR Settings tab.

As far as I can see, the settings are duplicated here.
Is it correct that these settings can only be set in the device configuration profile and under EDR to "not configured"? What is the right way?


Thanks

3 Replies
best response confirmed by 53CU1t (Copper Contributor)
Solution

@53CU1t 


Not sure where your conflict comes from. What policies did you exactly configure, and are there multiple policies?


You can either deploy the onboarding package app or use the EDR policy.

Assuming the prerequisites are met, here's how I onboard devices:

I use EDR to onboard devices. The profiles include an onboarding package for Microsoft Defender for Endpoint.


  • Defender for Endpoint enabled and connected with Intune/MEM. Service-to-service sync is up and running.
  • MEM > Endpoint Security > Endpoint Detection and Response
  • Create Profile
    • Platform: Windows 10, Windows 11 and Windows Server
    • Profile: Endpoint Detection and Response
  • Microsoft Defender for Endpoint client configuration package type
    --> Auto from connector
  • Sample Sharing and Telemetry as desired.

This should do the trick. Here are the docs that can help you with the configuration.

  1. https://docs.microsoft.com/en-us/mem/intune/protect/advanced-threat-protection-configure
  2. https://docs.microsoft.com/en-us/mem/intune/protect/endpoint-security-edr-policy

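To check on a client whether the onboarding pushed by the EDR policy actually completed, the following script is an added example and is not part of the thread or of Microsoft's documentation. It assumes the documented onboarding status markers (the Sense service and the OnboardingState/OrgId values under the Windows Advanced Threat Protection\Status registry key) and an elevated PowerShell session.

```powershell
# Added example: report the Defender for Endpoint onboarding state of the local Windows client.
# Assumed markers (documented onboarding status values, not taken from the thread):
#  - the 'Sense' service (Windows Defender Advanced Threat Protection Service) is running
#  - HKLM:\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status\OnboardingState = 1
#  - OrgId is populated, i.e. an onboarding blob from the connector reached the device
function Test-MdeOnboarding {
    [CmdletBinding()]
    param()

    $statusKey = 'HKLM:\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status'
    $result = [ordered]@{
        SenseServiceStatus = 'Missing'
        OnboardingState    = $null
        OrgId              = $null
        Onboarded          = $false
    }

    $svc = Get-Service -Name 'Sense' -ErrorAction SilentlyContinue
    if ($svc) { $result.SenseServiceStatus = $svc.Status.ToString() }

    if (Test-Path -Path $statusKey) {
        $status = Get-ItemProperty -Path $statusKey -ErrorAction SilentlyContinue
        $result.OnboardingState = $status.OnboardingState
        $result.OrgId           = $status.OrgId
    }

    # The device only counts as onboarded when the sensor runs and the state flag is set.
    $result.Onboarded = ($result.SenseServiceStatus -eq 'Running') -and ($result.OnboardingState -eq 1)
    [pscustomobject]$result
}

$check = Test-MdeOnboarding
$check | Format-List

if (-not $check.Onboarded) {
    # The SENSE operational log usually states why onboarding has not completed
    # (for example, a missing onboarding blob or a failed connection to the service).
    Get-WinEvent -LogName 'Microsoft-Windows-SENSE/Operational' -MaxEvents 10 -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, LevelDisplayName, Message |
        Format-Table -Wrap
}
```

Run it on one of the newly installed clients after the Intune policy has synced; an OnboardingState other than 1 with an empty OrgId means the device never received an onboarding package, which points at the policy side rather than the client.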

@Oktay Sari I have the same issue. When I set "Auto from connector", I get an error message: "An error occurred. Request ID: xxxxxx-xxxx..." It won't let me save the profile. The only option that works is "Not configured".

I have followed all of the prerequisites, but have no idea what is blocking me from using Auto from connector.

Hi @jwagsbluevoyant, I had a couple of weeks off. Did you manage to fix this? Otherwise, I guess your best bet would be to contact MS Support about the error message.
