Wednesday, October 11, 2023

Intune - Tamper Protection not Enabled - Solved!

 

So, for the last day I was trying to figure out why I couldn't enable Tamper Protection on some lab devices.

To enable Tamper Protection, you need to follow these steps:
  1. Open the Microsoft Intune admin center
  2. Go to Endpoint Security > Antivirus
  3. Edit or create a policy:
    • Platform: Windows 10, Windows 11, and Windows Server
    • Profile: Windows Security Experience
  4. From there, set the option "TamperProtection (Device)" to "On"

But... for some reason, devices keep setting the option to "Off". After a long time trying to understand this, I finally found the issue.

M365 Defender settings take precedence!
What this means is that if you don't allow Tamper Protection in M365 Defender Advanced Features, you'll never be able to control it with Intune.

So, first and foremost, enable Tamper Protection in Advanced Features, using these steps:
  1. Open Microsoft 365 Defender Endpoints Advanced Features (or Settings > Endpoints > Advanced Features)
  2. Enable "Tamper Protection" and "Save Preferences"
Now you just need to wait some minutes for the option to become available, and then you can control it via Intune.
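
To confirm on a device that the setting actually took effect, and which management channel set it, you can query Defender locally. This is an added example, not part of the original post; the function name `Get-TamperProtectionReport` is hypothetical, and it relies only on the built-in `Get-MpComputerStatus` cmdlet.

```powershell
# Added example: report the effective Tamper Protection state on this device.
# Run in an elevated PowerShell session on the managed Windows device.
function Get-TamperProtectionReport {
    [CmdletBinding()]
    param()

    # Get-MpComputerStatus comes with the Defender PowerShell module.
    if (-not (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue)) {
        throw 'Get-MpComputerStatus not found: the Defender module is not available on this device.'
    }

    try {
        $status = Get-MpComputerStatus -ErrorAction Stop
    } catch {
        throw "Could not query Defender status: $($_.Exception.Message)"
    }

    # TamperProtectionSource may be absent on older platform versions;
    # report that instead of failing.
    $source = if ($status.PSObject.Properties['TamperProtectionSource']) {
        $status.TamperProtectionSource
    } else {
        'not reported'
    }

    # Point back at the precedence issue described in the post when the state is off.
    $hint = if ($status.IsTamperProtected) {
        'Tamper Protection is on.'
    } else {
        'Tamper Protection is off. Check Advanced Features in Microsoft 365 Defender, then sync the device again.'
    }

    [pscustomobject]@{
        ComputerName           = $env:COMPUTERNAME
        IsTamperProtected      = [bool]$status.IsTamperProtected
        TamperProtectionSource = $source
        AMRunningMode          = $status.AMRunningMode
        RealTimeProtection     = $status.RealTimeProtectionEnabled
        Hint                   = $hint
    }
}

Get-TamperProtectionReport | Format-List
```

If `IsTamperProtected` is still `False` after the Intune policy has been assigned, the tenant-level switch in Advanced Features is the first thing to check.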
