Jan 05 2024 05:06 AM
Hello Experts,
I've been trying to implement some defender recommendations and can't figure out why "
It is assigned to a group of users
I'm confused as it all seems to be "succeeded" but it has no effect on the end user device looks like.
Any idea what am I missing here?
Jan 05 2024 06:44 AM
The policy values in your screenshot seem legit. Have you checked the event view logs on the devices in question to gather more details?
Jan 05 2024 06:59 AM
haven't checked events as I am not very familiar with it.... What should I be looking for there pls? Will have a look
Jan 05 2024 01:20 PM
Jan 08 2024 10:44 AM
SolutionJan 08 2024 11:21 AM - edited Jan 09 2024 02:41 AM
@sumo83 that is good. If you want you can try pushing mdmwinsovergpo policy from Intune which will allow MDM to apply the setting if there is a conflict with GPO.
Edit: Scratch the recommendation of mdmwinsovergpo. I was under wrong impression that FW CSP is supported.
Jan 09 2024 12:24 AM
Jan 09 2024 12:29 AM - edited Jan 09 2024 02:43 AM
Yes and firewall is one of the CSPs. I don’t see any issue in using it in this case.
Edit: Scratch the recommendation of mdmwinsovergpo. I was under wrong impression that FW CSP is supported.
Jan 09 2024 01:35 AM - edited Jan 09 2024 01:36 AM
are you sure?
https://learn.microsoft.com/en-us/windows/client-management/mdm/firewall-csp
./Device/Vendor/MSFT/Policy/ --> policy csp --> mdmwinsovergp would win (if you decide to use this setting.. which i don't advice 🙂 )
./Vendor/MSFT/Firewall --> firewall
Jan 09 2024 02:43 AM
Jan 08 2024 10:44 AM
Solution