cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Device compliance 65001 (Not Applicable) and Defender Security centre weirdness

ranj-singh111
Brass Contributor

‎Apr 28 2020 02:26 AM

‎Apr 28 2020 02:26 AM

Device compliance 65001 (Not Applicable) and Defender Security centre weirdness

Hi Tech community.

 

I have 2 questions, related to some work I am doing with a customer who's devices are Azure Hybrid AD joined and using Windows 10 1909.

 

1. The windows 10 devices do not have a compliance policy set......yet however I am seeing a mixture of machines where it reports its compliance as success however when I dig into the policy settings I am seeing: 

 

Enrolled user exists - Compliant

Has a compliance policy assigned - Error - 65001 (Not applicable) Error code 0xfde9.

Is active - Compliant 

 

The error is picking up a default device compliance policy. Is there anyway this can be ignored or removed?

 

2. The customer is also using Defender Security centre and are leveraging the Threat and Vulnerability dashboard which reports the state of security patching for Windows, Office, IE, Edge across the estate. The customer is using Windows update for business to manage this however we are finding it's taking a long time for data to be refreshed in Defender ATP for example if the latest quality update has been applied. Intune is stating it has been installed but this isn't being reflected in DATP. Is this expected?

 

Many Thanks

R

 

 

 

Labels:
173K Views
1 Like
6 Replies
Reply
6 Replies
Thijs Lecomte

‎May 01 2020 01:01 AM

‎May 01 2020 01:01 AM

Re: Device compliance 65001 (Not Applicable) and Defender Security centre weirdness

HI

For question one, there is a setting 'Mark devices with my compliance policy assigned as', yours will be set to 'non-compliant'.
https://techcommunity.microsoft.com/t5/microsoft-intune/device-compliance-65001-not-applicable-and-d...
I would advise to keep it this way. This makes sure all computers have a good compliance policy assigned

For your second question, yes TVM in MDATP is slow :). No workaround here unfortunately. You just have to be patient
0 Likes
Reply
Like_A_Number

‎Aug 24 2020 09:03 AM

‎Aug 24 2020 09:03 AM

Re: Device compliance 65001 (Not Applicable) and Defender Security centre weirdness

@Thijs Lecomte 

Please be clear.  This error 65001 (not applicable)

1. means something or means nothing

2. This statement of yours: 'Mark devices with my compliance policy assigned as', yours will be set to 'non-compliant'.  Seems to indicate that devices with a compliance policy assigned will be marked "non-compliant."  This seems contradictory.  Please explain tis logic.

 

I have this issue as well, and I've not found a satisfactory explanation on line at all.  Thanks for your help.

1 Like
Reply
Thijs Lecomte

‎Aug 25 2020 03:54 AM

‎Aug 25 2020 03:54 AM

Re: Device compliance 65001 (Not Applicable) and Defender Security centre weirdness

Check this out https://docs.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started#compliance-policy-...
What is the value of 'Mark devices with no compliance policy assigned as' for you
0 Likes
Reply
Saleem_Jan007

‎Feb 08 2021 07:00 AM - edited ‎Feb 08 2021 07:01 AM

‎Feb 08 2021 07:00 AM - edited ‎Feb 08 2021 07:01 AM

Re: Device compliance 65001 (Not Applicable) and Defender Security centre weirdness

What I think, you need to go into properties of specific machine and assign a category also check which policies has been assigned to machine, thanks.

0 Likes
Reply