Oct 01 2024 06:11 AM
Hello,
We onboarded devices to Microsoft Defender for Endpoint through Intune in a co-management environment, with the Endpoint Protection workload shifted to Intune. We configured a Device Control policy, which is blocking installation of USB devices like keyboards and mice. Despite removing the USB blocking settings, syncing devices via Intune, and rebooting the devices, USB devices were still blocked after several hours.
Running the `Get-MpComputerStatus` command on affected devices showed an outdated `DeviceControlPoliciesLastUpdated` date (year 1601).
Could anyone advise on how long it typically takes for policy changes in Intune/MDE to take effect? Is there a way to manually force policy sync across all devices?
Thanks in advance for your help.
Oct 01 2024 07:15 AM
@drivesafely Hi, I recommend that you use this feature to make sure that you update the configurations every 30 minutes.
Oct 01 2024 10:12 AM - edited Oct 01 2024 10:25 AM
Thanks for the helpful link. Unfortunately, we have many Windows 10 devices as well, to which it does not apply.
Also to mention, MDE is currently in passive mode (since the devices have a 3rd-party EDR, which will be removed).
Can you confirm that any change made to policies like AV, ASR and DeviceConfig would take up to 8 hours to apply to all devices from Intune, even though we sync the device from Intune or restart the device?
Thanks again
Oct 01 2024 11:24 PM
Hi, you can go and run scripts on the devices; it's a bit of a cumbersome solution but it should help you in your case.
I'll leave you with this post that might help you: https://oofhours.com/2019/09/28/forcing-an-mdm-sync-from-a-windows-10-client/
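
The check described in the first post, as an added example that is not part of the thread: it reads the `Get-MpComputerStatus` fields mentioned above and flags a device whose `DeviceControlPoliciesLastUpdated` is still the zero timestamp (year 1601) or older than a threshold. The function name, the sample objects and the 8-hour default (the interval asked about in the thread, not a confirmed value) are assumptions.

```powershell
# Added example, not from the thread. Property names are those of Get-MpComputerStatus.
function Test-DeviceControlPolicyStamp {
    param(
        [Parameter(Mandatory)] $Status,  # Get-MpComputerStatus output, or a look-alike object
        [int] $MaxAgeHours = 8           # assumption: the interval asked about in the thread
    )
    $stamp = $Status.DeviceControlPoliciesLastUpdated
    # A zero FILETIME renders as 1601-01-01 UTC (1600-12-31 in time zones west of UTC),
    # meaning the client has never recorded a Device Control policy update.
    $never = ($null -eq $stamp) -or ($stamp.Year -le 1601)
    $age   = if ($never) { $null } else { [math]::Round(((Get-Date) - $stamp).TotalHours, 1) }
    [pscustomobject]@{
        AMRunningMode      = $Status.AMRunningMode
        DeviceControlState = $Status.DeviceControlState
        LastUpdated        = $stamp
        NeverUpdated       = $never
        AgeHours           = $age
        Stale              = ($never -or ($age -gt $MaxAgeHours))
    }
}

# Constructed sample objects (not real device output) so the function runs anywhere.
$samples = @(
    [pscustomobject]@{
        AMRunningMode = 'Passive Mode'; DeviceControlState = 'Disabled'
        DeviceControlPoliciesLastUpdated = [DateTime]::FromFileTimeUtc(0)
    },
    [pscustomobject]@{
        AMRunningMode = 'Normal'; DeviceControlState = 'Enabled'
        DeviceControlPoliciesLastUpdated = (Get-Date).AddHours(-2)
    }
)
$samples | ForEach-Object { Test-DeviceControlPolicyStamp -Status $_ } | Format-Table

# On a device with the Defender module, evaluate the live status as well.
if (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue) {
    Test-DeviceControlPolicyStamp -Status (Get-MpComputerStatus)
}
```

Running this before and after a sync shows whether the Device Control timestamp actually moved, independent of what the Intune portal reports for the device.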