Microsoft Teams innovations for manufacturing at Hannover Messe 2023

What’s New

Later this month, Microsoft will be making architectural updates to the security settings management capabilities in Microsoft Defender for Endpoint that simplify the device enrollment process. These updates include removing Azure Active Directory (AD) join or Hybrid Azure AD join as a pre-requisite for onboarding Windows devices that use security settings management in Defender for Endpoint.

What’s Important to Know

Customers already using this functionality will seamlessly transition to the updated infrastructure with no impact for their existing Windows devices managed by Defender for Endpoint that are using this functionality. Additionally, there will be no changes to the device, its identity, or registration type.

Ensure your Windows device is up to date to take advantage of these enhancements. Customers that don’t use public preview features will continue with the existing settings management experience. To opt in, go to the Microsoft Defender for Endpoint portal, and select Settings > Endpoints > Advanced features > Preview features.

In the Microsoft 365 Defender device inventory, you can confirm that the device is using the security settings management capability in Defender for Endpoint by checking its status in the Managed by column. This is also available on the device side panel or device page and should consistently indicate managed by MDE.

In the Intune admin center, search for the device name on the All Devices page. The device should appear here as well, with the Managed by field set to MDE.

To ensure that all devices enrolled in security settings management for Microsoft Defender for Endpoint receive policies, create a dynamic Azure AD group based on the systemLabels property containing the “MDEManaged” value. This will automatically add devices managed by Defender for Endpoint to the group, without requiring admins to perform any additional tasks.
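One way to create that group with the Microsoft Graph PowerShell SDK, as an added example that is not code from the article or from Microsoft's announcement. The group display name, mail nickname and description are assumptions, and the rule string is written in standard Azure AD dynamic membership syntax from the property and value named above.

```powershell
# Requires the Microsoft.Graph.Groups module and a role allowed to create groups.
Connect-MgGraph -Scopes 'Group.ReadWrite.All'

# Assumed names (not from the article); change them to fit your naming standard.
$displayName  = 'MDE-Managed-Devices'
$mailNickname = 'mde-managed-devices'

# Dynamic membership rule: the device's systemLabels collection contains "MDEManaged".
$rule = '(device.systemLabels -contains "MDEManaged")'

# Reuse the group if it already exists so the script can be re-run safely.
$group = Get-MgGroup -Filter "displayName eq '$displayName'" `
    -Property Id, DisplayName, MembershipRule | Select-Object -First 1

if (-not $group) {
    $group = New-MgGroup -DisplayName $displayName `
        -Description 'Devices enrolled in MDE security settings management' `
        -MailEnabled:$false `
        -MailNickname $mailNickname `
        -SecurityEnabled `
        -GroupTypes 'DynamicMembership' `
        -MembershipRule $rule `
        -MembershipRuleProcessingState 'On'
}
elseif ($group.MembershipRule -ne $rule) {
    # A same-named group with another rule would silently miss MDE-managed devices.
    Write-Warning "Group exists with a different rule: $($group.MembershipRule)"
}

# Rule evaluation is asynchronous; check membership once processing has completed.
$members = Get-MgGroupMember -GroupId $group.Id -All
"{0} member(s) in '{1}'" -f @($members).Count, $group.DisplayName
```

Compare the member count against the number of devices showing MDE in the Managed by column to spot devices that enrolled but are not yet in scope for policy.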

Key points from the article:

  • Microsoft will be making architectural updates to the security settings management capabilities in Microsoft Defender for Endpoint
  • These updates will simplify the device enrollment process and remove Azure Active Directory (AD) join or Hybrid Azure AD join as a pre-requisite for onboarding Windows devices
  • Ensure Windows devices are up to date to take advantage of these enhancements
  • Existing Windows devices managed by Defender for Endpoint will seamlessly transition to the updated infrastructure with no impact
  • Create a dynamic Azure AD group based on the systemLabels property containing the “MDEManaged” value to ensure all devices receive policies

From the Microsoft 365 Blog

