Tenant attach: Onboard Configuration Manager clients to Microsoft Defender for Endpoint from the admin center (preview)
Applies to: Configuration Manager (current branch)
This information relates to a preview feature which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Microsoft Endpoint Manager is an integrated solution for managing all of your devices. Microsoft brings together Configuration Manager and Intune into a single console called Microsoft Endpoint Manager admin center. You can deploy Microsoft Defender for Endpoint onboarding policies to Configuration Manager managed clients. These clients don't require Azure AD or MDM enrollment, and the policy is targeted at ConfigMgr collections rather than Azure AD Groups.
Prerequisites
- Access to the Microsoft Endpoint Manager admin center.
- An environment that's tenant attached with uploaded devices.
- A minimum of Configuration Manager version 2006 and the corresponding version of the console installed.
- Upgrade the target devices to the latest version of the Configuration Manager client.
- At least one Configuration Manager collection that's available for assigning Endpoint security policies.
- Windows devices that support this profile for tenant attached devices.
- Microsoft Intune and Microsoft Defender for Endpoint integration enabled.
- Client onboarded to Microsoft Defender for Endpoint.
Create Microsoft Defender for Endpoint policies
1. Sign in to the Microsoft Endpoint Manager admin center.
2. Select Endpoint security > Endpoint detection and response > Create Policy.
3. Select the following platform and profile for your policy:
   - Platform: Windows 10 and Windows Server (ConfigMgr)
   - Profile: Endpoint detection and response (ConfigMgr)
4. On the Basics page, enter a name and description for the profile, then choose Next.
5. On the Configuration settings page, configure the settings you want to manage with this profile. The onboarding package is automatically included and isn’t something you can configure.
6. When you're done configuring settings, select Next.
7. On the Assignments page, select the collections that will receive this policy. Select collections from Configuration Manager that you’ve synced to Microsoft Endpoint Manager admin center and enabled for Microsoft Defender for Endpoint policy.
   You can choose not to assign collections at this time, and later edit the policy to add an assignment.
8. When ready to continue, select Next.
9. On the Review + create page, when you're done, choose Create.
The new profile is displayed in the list when you select the policy type for the profile you created.