Forum Discussion
d-rajapaksa
Sep 05, 2021 MVP
Windows 10 Defender Application Control
I have been doing some experiments with Intune (doing some lab exercises) and I enrolled my PC to the Azure Active Directory with the M365 login. Then after that, I am getting the following error mes...
Are you AADJ or HAADJ joined? So are there any on-premises GPOs active?
d-rajapaksa
Sep 05, 2021 MVP
No, this is purely on the cloud with Azure Active Directory with an E5 license; no on-prem or VMs connected.
- Sep 05, 2021
There must be a policy somewhere in Intune which was configured to enable MDAC. Maybe the policy was deleted after the device was enrolled? Maybe it's a tattooing issue... Did you also test it by enrolling a new additional device?
Did you also use the mdmdiagnostic tool to export the existing policies on the device? And are there any files left in the code integrity folder I also mentioned in the blog?
- d-rajapaksa Sep 05, 2021 MVP
I think I created something (as mentioned in your blog) but deleted it. But why isn't it removed from the user or device? I have also initiated a sync. I didn't use the mdmdiag tool; where can I download it? What is the code integrity folder?
- Sep 06, 2021
The mdmdiagnostic tool is on the device itself... Like I was mentioning in the blog... that sometimes it could be a tattooing problem/issue... I recommend reading the blog again... part 10 describes your issue pretty well...
Try to push an allowall XML or remove the contents of the folder I mentioned.
https://call4cloud.nl/2021/06/wdac-or-the-unexpected-virtue-of-ignorance/#part10