Defender for Endpoint Onboardingprofile Conflicts

53CU1t · ‎Apr 22 2022

I have the problem that some newly installed clients do not onboard in Defender. The onboarding is done via the Intune. For this purpose, a device configuration profile was created and set in the Intune Defender settings under the EDR Settings Tab.

As far as I can see, the settings are duplicated here.
Is it correct that these settings can only be set in the device configuration profile and under EDR to "not configured"? What is the right way?

Thanks

53CU1t · ‎Apr 30 2022

@53CU1t

Not sure where your conflict comes from.. What policies did you exactly configure and are there multiple policies?

You can either deploy the onboarding package app or use the EDR policy.

assuming the prerequisites are met, here's how I onboard devices:

I use EDR to onboard devices. The profiles include an onboarding package for Microsoft Defender for Endpoint

Defender for endpoint enabled and connected with Intune/MEM. Service to service sync is up and running.
MEM>Endpoint Security>Endpoint Detection and Response
Create Profile
- Platform: Windows 10, Windows 11 and Windows Server
- Profile: Endpoint Detection and response
Microsoft Defender for Endpoint client configuration package type
--> Auto from connector
Sample Sharing and Telemetry as desired.

This should do the trick. Here are the docs that can help you with the configuration.

Products (68)

Special Topics (41)

Video Hub (858)

Most Active Hubs

Most Active Hubs

Video Hub

Defender for Endpoint Onboardingprofile Conflicts

Defender for Endpoint Onboardingprofile Conflicts

Re: Defender for Endpoint Onboardingprofile Conflicts