From 9922c52e13644d451e67885168bfa27074c764c4 Mon Sep 17 00:00:00 2001
From: maximvelichko <mavel@microsoft.com>
Date: Mon, 21 Oct 2019 20:21:46 -0700
Subject: [PATCH] Update microsoft-defender-atp-mac-install-with-intune.md

---
 ...ft-defender-atp-mac-install-with-intune.md | 97 ++++++++++++++++++-
 1 file changed, 96 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
index 7a0f0c27d6..84e9cb78dd 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
@@ -188,7 +188,102 @@ You may now enroll more devices. You can also enroll them later, after you have
    </plist>
    ```
 
-9. Select **Manage > Assignments**.  In the **Include** tab, select **Assign to All Users & All devices**.
+9. To whitelist Defender and Auto Update for displaying notifications in UI on macOS 10.15 (Catalina), import the following .mobileconfig as a custom payload:
+
+   ```xml
+   <?xml version="1.0" encoding="UTF-8"?>
+   <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+   <plist version="1.0">
+     <dict>
+       <key>PayloadContent</key>
+       <array>
+         <dict>
+           <key>NotificationSettings</key>
+           <array>
+             <dict>
+               <key>AlertType</key>
+               <integer>2</integer>
+               <key>BadgesEnabled</key>
+               <true/>
+               <key>BundleIdentifier</key>
+               <string>com.microsoft.autoupdate2</string>
+               <key>CriticalAlertEnabled</key>
+               <false/>
+               <key>GroupingType</key>
+               <integer>0</integer>
+               <key>NotificationsEnabled</key>
+               <true/>
+               <key>ShowInLockScreen</key>
+               <false/>
+               <key>ShowInNotificationCenter</key>
+               <true/>
+               <key>SoundsEnabled</key>
+               <true/>
+             </dict>
+             <dict>
+               <key>AlertType</key>
+               <integer>2</integer>
+               <key>BadgesEnabled</key>
+               <true/>
+               <key>BundleIdentifier</key>
+               <string>com.microsoft.wdavtray</string>
+               <key>CriticalAlertEnabled</key>
+               <false/>
+               <key>GroupingType</key>
+               <integer>0</integer>
+               <key>NotificationsEnabled</key>
+               <true/>
+               <key>ShowInLockScreen</key>
+               <false/>
+               <key>ShowInNotificationCenter</key>
+               <true/>
+               <key>SoundsEnabled</key>
+               <true/>
+             </dict>
+           </array>
+           <key>PayloadDescription</key>
+           <string/>
+           <key>PayloadDisplayName</key>
+           <string>notifications</string>
+           <key>PayloadEnabled</key>
+           <true/>
+           <key>PayloadIdentifier</key>
+           <string>BB977315-E4CB-4915-90C7-8334C75A7C64</string>
+           <key>PayloadOrganization</key>
+           <string>Microsoft</string>
+           <key>PayloadType</key>
+           <string>com.apple.notificationsettings</string>
+           <key>PayloadUUID</key>
+           <string>BB977315-E4CB-4915-90C7-8334C75A7C64</string>
+           <key>PayloadVersion</key>
+           <integer>1</integer>
+         </dict>
+       </array>
+       <key>PayloadDescription</key>
+       <string/>
+       <key>PayloadDisplayName</key>
+       <string>mdatp - allow notifications</string>
+       <key>PayloadEnabled</key>
+       <true/>
+       <key>PayloadIdentifier</key>
+       <string>85F6805B-0106-4D23-9101-7F1DFD5EA6D6</string>
+       <key>PayloadOrganization</key>
+       <string>Microsoft</string>
+       <key>PayloadRemovalDisallowed</key>
+       <false/>
+       <key>PayloadScope</key>
+       <string>System</string>
+       <key>PayloadType</key>
+       <string>Configuration</string>
+       <key>PayloadUUID</key>
+       <string>85F6805B-0106-4D23-9101-7F1DFD5EA6D6</string>
+       <key>PayloadVersion</key>
+       <integer>1</integer>
+     </dict>
+   </plist>
+   ```
+
+10. Select **Manage > Assignments**.  In the **Include** tab, select **Assign to All Users & All devices**.
 
 Once the Intune changes are propagated to the enrolled devices, you can see them listed under **Monitor** > **Device status**: