M365 Defender onboarding devices from licensed users

Copper Contributor



I've setup Defender 365 for two test devices and all has worked kind of good. Now I'd like to onboard all devices eligible. However, we only have about 35 Business Premium licenses. There are a similar number of other users with Windows 10 devices that use M365 F3 etc which are not covered by Defender 365 but are in MEM. 


I'm wary to deploy Defender 365 to all devices in Intune. How can i deploy it globally in a smart way?


I've tried to make a device group which adds all user devices that have the right license. But I don't think this is supported in dynamic device groups. - Is there a way?


Or, will Defender 365 only add the devices of users who are eligible and I can just move forward with adding all devices?

0 Replies