From 081d55f197bc9eddcc1cc3cde2a94f93fa270b12 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 4 Sep 2019 15:46:56 -0700 Subject: [PATCH 1/6] Update MAU config for Intune; minor fix to JAMF documentation --- ...soft-defender-atp-mac-install-with-jamf.md | 4 +- .../microsoft-defender-atp-mac-updates.md | 64 +++++++++++++++++++ 2 files changed, 67 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md index 44f2ed7150..554c07f40a 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md @@ -198,7 +198,9 @@ You can check that devices have been correctly onboarded by creating a script. F mdatp --health healthy ``` -This script returns: +The above commands prints "1" if the product is onboarded and functioning as expected. + +If the product is not healthy, the exit code (which can be checked through `echo $?`) indicates the problem: - 0 if Microsoft Defender ATP is registered with the Microsoft Defender ATP service - 1 if the device is not yet onboarded - 3 if the connection to the daemon cannot be established—for example, if the daemon is not running diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md index dde9d19622..af5f8b3577 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md 
@@ -116,6 +116,8 @@ The following configuration profile is used to: - Enable the "Check for updates" button in the user interface - Allow users on the device to enroll into the Insider channels +### JAMF + ```XML @@ -135,6 +137,68 @@ The following configuration profile is used to: ``` +### Intune + +```XML + + + + + PayloadUUID + B762FF60-6ACB-4A72-9E72-459D00C936F3 + PayloadType + Configuration + PayloadOrganization + Microsoft + PayloadIdentifier + com.microsoft.autoupdate2 + PayloadDisplayName + Microsoft Auto-Update settings + PayloadDescription + Microsoft Auto-Update configuration settings + PayloadVersion + 1 + PayloadEnabled + + PayloadRemovalDisallowed + + PayloadScope + System + PayloadContent + + + PayloadUUID + 5A6F350A-CC2C-440B-A074-68E3F34EBAE9 + PayloadType + com.microsoft.autoupdate2 + PayloadOrganization + Microsoft + PayloadIdentifier + com.microsoft.autoupdate2 + PayloadDisplayName + Microsoft Auto-Update configuration settings + PayloadDescription + + PayloadVersion + 1 + PayloadEnabled + + ChannelName + InsiderFast + HowToCheck + AutomaticDownload + EnableCheckForUpdatesButton + + DisableInsiderCheckbox + + SendAllTelemetryEnabled + + + + + +``` + To configure MAU, you can deploy this configuration profile from the management tool that your enterprise is using: - From JAMF, upload this configuration profile and set the Preference Domain to *com.microsoft.autoupdate2*. - From Intune, upload this configuration profile and set the custom configuration profile name to *com.microsoft.autoupdate2*. From a3ac7e1cab13741afb9ee73af026a8d6c793df05 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 4 Sep 2019 15:48:05 -0700 Subject: [PATCH 2/6] Spacing --- .../microsoft-defender-atp-mac-install-with-jamf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md index 554c07f40a..bf8a1373a4 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md @@ -200,7 +200,7 @@ mdatp --health healthy The above commands prints "1" if the product is onboarded and functioning as expected. -If the product is not healthy, the exit code (which can be checked through `echo $?`) indicates the problem: +If the product is not healthy, the exit code (which can be checked through `echo $?`) indicates the problem: - 0 if Microsoft Defender ATP is registered with the Microsoft Defender ATP service - 1 if the device is not yet onboarded - 3 if the connection to the daemon cannot be established—for example, if the daemon is not running From ba8fa891256426057b6cda38cdcf5eb4e1d94366 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 4 Sep 2019 15:56:17 -0700 Subject: [PATCH 3/6] Document option to disable check for updates button --- .../microsoft-defender-atp-mac-updates.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md index af5f8b3577..8ef53f69df 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md @@ -86,6 +86,17 @@ Change how MAU searches for updates. | **Possible values** | Manual
AutomaticCheck
AutomaticDownload | | **Comment** | Note that AutomaticDownload will do a download and install silently if possible. | +### Change whether the "Check for Updates" button is enabled + +Change whether local users will be able to click the "Check for Updates" option in the Microsoft Auto-Update user interface. + +||| +|:---|:---| +| **Domain** | com.microsoft.autoupdate2 | +| **Key** | EnableCheckForUpdatesButton | +| **Data type** | Boolean | +| **Possible values** | True (default)
False | + ### Disable Insider checkbox Set to true to make the "Join the Office Insider Program..." checkbox unavailable / greyed out to users. From b98bfc64abfc69e35adc4e8ef1e906de1e42fb62 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 4 Sep 2019 16:13:54 -0700 Subject: [PATCH 4/6] Typo --- .../microsoft-defender-atp-mac-install-with-jamf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md index bf8a1373a4..ef76d78529 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md @@ -198,7 +198,7 @@ You can check that devices have been correctly onboarded by creating a script. F mdatp --health healthy ``` -The above commands prints "1" if the product is onboarded and functioning as expected. +The above command prints "1" if the product is onboarded and functioning as expected. If the product is not healthy, the exit code (which can be checked through `echo $?`) indicates the problem: - 0 if Microsoft Defender ATP is registered with the Microsoft Defender ATP service From 3ec6f29488ec738e5032e956f976b40c7aecd346 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 4 Sep 2019 16:18:38 -0700 Subject: [PATCH 5/6] Minor tweaks --- .../microsoft-defender-atp-mac-updates.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md index 8ef53f69df..50267f26bb 100644 
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md @@ -34,7 +34,7 @@ If you decide to deploy updates by using your software distribution tools, you s ## Use msupdate -MAU includes a command line tool, called *msupdate*, that is designed for IT administrators so that they have more precise control over when updates are applied. Instructions for how to use this tool can be found in [Update Office for Mac by using msupdate](https://docs.microsoft.com/deployoffice/mac/update-office-for-mac-using-msupdate). +MAU includes a command-line tool, called *msupdate*, that is designed for IT administrators so that they have more precise control over when updates are applied. Instructions for how to use this tool can be found in [Update Office for Mac by using msupdate](https://docs.microsoft.com/deployoffice/mac/update-office-for-mac-using-msupdate). In MAU, the application identifier for Microsoft Defender ATP for Mac is *WDAV00*. To download and install the latest updates for Microsoft Defender ATP for Mac, execute the following command from a Terminal window: @@ -88,7 +88,7 @@ Change how MAU searches for updates. ### Change whether the "Check for Updates" button is enabled -Change whether local users will be able to click the "Check for Updates" option in the Microsoft Auto-Update user interface. +Change whether local users will be able to click the "Check for Updates" option in the Microsoft AutoUpdate user interface. ||| |:---|:---| @@ -164,9 +164,9 @@ The following configuration profile is used to: PayloadIdentifier com.microsoft.autoupdate2 PayloadDisplayName - Microsoft Auto-Update settings + Microsoft AutoUpdate settings PayloadDescription - Microsoft Auto-Update configuration settings + Microsoft AutoUpdate configuration settings PayloadVersion 1 PayloadEnabled 
@@ -187,7 +187,7 @@ The following configuration profile is used to: PayloadIdentifier com.microsoft.autoupdate2 PayloadDisplayName - Microsoft Auto-Update configuration settings + Microsoft AutoUpdate configuration settings PayloadDescription PayloadVersion From dcf696c83bad3d31666f40ecd933ef966f0c209f Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 4 Sep 2019 16:54:41 -0700 Subject: [PATCH 6/6] Remove redundant line --- .../microsoft-defender-atp-mac-install-with-jamf.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md index ef76d78529..9a52b56369 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md @@ -201,7 +201,6 @@ mdatp --health healthy The above command prints "1" if the product is onboarded and functioning as expected. If the product is not healthy, the exit code (which can be checked through `echo $?`) indicates the problem: -- 0 if Microsoft Defender ATP is registered with the Microsoft Defender ATP service - 1 if the device is not yet onboarded - 3 if the connection to the daemon cannot be established—for example, if the daemon is not running
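Review bot: in microsoft-defender-atp-mac-install-with-jamf.md (the hunk at line 198, as it stands after patches 1, 4 and 6), the text says the command prints "1" when the product is healthy and then lists exit code 1 as "the device is not yet onboarded", so the same digit means opposite things on stdout and in `$?`. Once patch 6 drops the "- 0 if Microsoft Defender ATP is registered ..." item, nothing states which exit code a healthy device returns. Suggest one sentence that separates the printed value from the exit code and keeps the healthy exit code documented (the removed item said 0), so that someone scripting an onboarding check does not test the wrong value. Patches 2, 4 and 6 only correct lines introduced in patch 1; consider squashing them into it.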
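Review bot: in microsoft-defender-atp-mac-updates.md (patch 1, hunk at line 135), the unchanged paragraph after the new Intune block still reads "you can deploy this configuration profile" and both bullets say "upload this configuration profile", but the section now holds two different profiles under the new JAMF and Intune headings. Suggest rewording each bullet to point at its own profile, for example "From Intune, upload the Intune profile above ...". In the Intune profile the outer PayloadIdentifier and the nested payload's PayloadIdentifier are both com.microsoft.autoupdate2; if that is intentional it is worth a short remark, otherwise give the outer profile its own identifier.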
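Review bot: in the new "Change whether the "Check for Updates" button is enabled" section (patch 3, microsoft-defender-atp-mac-updates.md hunk at line 86), the heading calls the control a button while the sentence under it calls it an "option", and the capitalisation "Check for Updates" differs from the "Check for updates" bullet further down the same file. Suggest using "button" and one capitalisation throughout. The new table also has no Comment row, unlike the "Change how MAU searches for updates" table just above it; a line saying what local users see when the value is False would match the "unavailable / greyed out" wording of the Disable Insider checkbox section that follows.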