question

karthikpalani-9530 avatar image
0 Votes"
karthikpalani-9530 asked JarvisSun-MSFT answered

Intune - USB and AV allow

Hi All,

Need some advice on below

  • I have applied Windows defender ATP antivirus from Intune. On the user level, when we open Windows defender settings, Virus and Threat settings says managed by administrator which is fine

But if i login as local administrator and domain administrator still it says managed by administrator and unable to change any settings. How to allow only administrator to change the settings? Please advice

  • I applied USB block settings from attack surface reduction which worked fine, now i removed that device and added to new policy in which i added one device identifier to be allowed and other USB to be blocked

Even it is blocked and it is not allowing. Please share your suggestions

mem-intune-generalmem-intune-device-configurationsmem-intune-application-management
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

JarvisSun-MSFT avatar image
0 Votes"
JarvisSun-MSFT answered

@karthikpalani-9530 Thanks for posting in our Q&A.
For our issue, I have done lots of research. According to your description, the administrator here refers to intune management. Once we set up the management authority of the defender, the local and domain administrators can no longer change the settings. We can manage the defender settings directly in the intune portal.

For USB block settings, as far as I know, Intune settings are based on the Windows configuration service provider (CSPs). The behavior depends on the CSP. Some CSPs remove the setting, and some CSPs keep the setting, also called tattooing. Could you try to delete the original policy and then re-apply the policy again?
If it is not work, could you please provide information about your system version and settings screen shots?

If there is anything update, we are looking forward to the reply.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.