reviewsvur.blogg.se - Defender for mac

Provide the required app information and make sure to set the minimum operation system version to Sierra as mentioned in the prerequisites:įurthermore make sure that you assign both device configurations and the LOB app to your targeted Azure AD group. To deploy the Microsoft Defender ATP package create a new LOB (Line-of-business-app) and upload the wrapped *.intunemac file: To deploy this file create another custom device configuration and upload the xml file:

You find the file also in the unzipped package in the Intune folder. These kernel extensions will be loaded into the macOS operating system on boot for the Microsoft Defender ATP service.įor the actual onboarding of the macOS machine to your MDATP tenant we need the onboarding configuration “WindowsDefenderATPOnboarding.xml” which contains encrypted tenant info. Upload the kext file from the previously extracted zip file which is located in the Intune folder. In the Intune portal create a custom device configuration to deploy the Microsoft Defender ATP kext.xml (kernel extension).

When you have successfully completed the above steps, the file structure looks like this: Wrapped and unzipped Microsoft Defender ATP files Intune portal configuration # Unzip the onboarding package: unzip WindowsDefenderATPOnboardingPackage.zip we’ll need the files in the unzipped intune folder later Make the IntuneAppUtil executable: chmod +x IntuneAppUtil Open a terminal and perform the following actions: Now you should have these three files: Microsoft Defender ATP source files To deploy the installation package with Microsoft Intune we need the Intune app wrapping tool for macOS which is available here.

Preparing the onboarding package and files #Īccess the Microsoft Defender Security Center and gather the installation and onboarding package: This post assumes that you perform the tasks and file preparation on a macOS machine.

Appropriate user rights to create and assign an Intune device configuration, LOB App.

Access to the Microsoft Defender Security Center.

Intune tenant wit macOS enrollment enabled.

Microsoft Defender ATP license (Windows 10 Enterprise E5).

If you want to enable macOS enrollment for your Intune tenant - I’ve written a post about the enrollment process.

macOS client enrolled in your Intune tenant.

No third party endpoint protection installed.

I created a little guide about the onboarding process with Microsoft Intune and the user experience. We can now protect our macOS endpoints with cloud based power. Microsoft Defender ATP (MDATP) for macOS hit finally the public preview status.