deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-28 00:33:40 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

JAMF

Browse Source
This commit is contained in:
maximvelichko
2019-09-28 13:03:49 -07:00
committed by GitHub
parent 30097b1fe0
commit 46aabb7f8b
1 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md
View File

@ -90,6 +90,20 @@ To approve the kernel extension:
![Approved kernel extensions screenshot](images/MDATP_17_approvedKernelExtensions.png) ![Approved kernel extensions screenshot](images/MDATP_17_approvedKernelExtensions.png)
### Privacy Preferenes Policy Control
By default, starting with Catalina, Microsoft Defender cannot access files in a user's home directory. To resolve it, add a JAMF policy to allow Defender Full Disk Access.
1. Select **Options > Privacy Preferences Policy Control**.
2. Use any identifier and identifier type = Bundle.
3. Set Code Requirement to `identifier "com.microsoft.wdav" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9`.
4. Set app or service to SystemPolicyAllFiles and access to Allow.
![Privacy Preferences Policy Control](images/MDATP_35_JAMF_PrivacyPreferences.png)
> [!CAUTION]
> This is a new configuration we add for Catalina. If you set your configuration profile for Defender without it, please modify it and add this option.
#### Configuration Profile's Scope #### Configuration Profile's Scope
Configure the appropriate scope to specify the devices that will receive the configuration profile. Configure the appropriate scope to specify the devices that will receive the configuration profile.