From 0981f8324fa726922794e61867f2dcd1cd63fc3e Mon Sep 17 00:00:00 2001
From: maximvelichko <mavel@microsoft.com>
Date: Mon, 21 Oct 2019 11:53:34 -0700
Subject: [PATCH 1/4] Update microsoft-defender-atp-mac-resources.md

---
 .../microsoft-defender-atp-mac-resources.md                     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md
index 2f67653ec0..70d70defed 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md
@@ -72,7 +72,7 @@ There are several ways to uninstall Microsoft Defender ATP for Mac. Please note
 
 ### From the command line
 
-- ```sudo rm -rf '/Applications/Microsoft Defender ATP'```
+- ```sudo rm -rf '/Applications/Microsoft Defender ATP.app'```
 
 ## Configuring from the command line
 

From 12bd38e3bd852e005aaaeaccedb0bebeec5adcb0 Mon Sep 17 00:00:00 2001
From: maximvelichko <mavel@microsoft.com>
Date: Mon, 21 Oct 2019 20:11:58 -0700
Subject: [PATCH 2/4] Update microsoft-defender-atp-mac-install-with-jamf.md

---
 .../microsoft-defender-atp-mac-install-with-jamf.md    | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md
index 84088ccd42..ceba0b90ff 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md
@@ -118,6 +118,16 @@ Save the **Configuration Profile**.
 
 Use the **Logs** tab to monitor deployment status for each enrolled device.
 
+### Notification settings
+
+Starting in macOS 10.15 (Catalina) a user must manually allow to display notifications in UI. To auto-enable notifications from Defender and Auto Update, you can import the .mobileconfig below into a separate configuration profile and assign it to all machines with Defender:
+
+'''xml
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0"><dict><key>PayloadContent</key><array><dict><key>NotificationSettings</key><array><dict><key>AlertType</key><integer>2</integer><key>BadgesEnabled</key><true/><key>BundleIdentifier</key><string>com.microsoft.autoupdate2</string><key>CriticalAlertEnabled</key><false/><key>GroupingType</key><integer>0</integer><key>NotificationsEnabled</key><true/><key>ShowInLockScreen</key><false/><key>ShowInNotificationCenter</key><true/><key>SoundsEnabled</key><true/></dict><dict><key>AlertType</key><integer>2</integer><key>BadgesEnabled</key><true/><key>BundleIdentifier</key><string>com.microsoft.wdavtray</string><key>CriticalAlertEnabled</key><false/><key>GroupingType</key><integer>0</integer><key>NotificationsEnabled</key><true/><key>ShowInLockScreen</key><false/><key>ShowInNotificationCenter</key><true/><key>SoundsEnabled</key><true/></dict></array><key>PayloadDescription</key><string/><key>PayloadDisplayName</key><string>notifications</string><key>PayloadEnabled</key><true/><key>PayloadIdentifier</key><string>BB977315-E4CB-4915-90C7-8334C75A7C64</string><key>PayloadOrganization</key><string>Microsoft</string><key>PayloadType</key><string>com.apple.notificationsettings</string><key>PayloadUUID</key><string>BB977315-E4CB-4915-90C7-8334C75A7C64</string><key>PayloadVersion</key><integer>1</integer></dict></array><key>PayloadDescription</key><string/><key>PayloadDisplayName</key><string>mdatp - allow notifications</string><key>PayloadEnabled</key><true/><key>PayloadIdentifier</key><string>85F6805B-0106-4D23-9101-7F1DFD5EA6D6</string><key>PayloadOrganization</key><string>Microsoft</string><key>PayloadRemovalDisallowed</key><false/><key>PayloadScope</key><string>System</string><key>PayloadType</key><string>Configuration</string><key>PayloadUUID</key><string>85F6805B-0106-4D23-9101-7F1DFD5EA6D6</string><key>PayloadVersion</key><integer>1</integer></dict></plist>
+'''
+
 ### Package
 
 1. Create a package in **Settings > Computer Management > Packages**.

From 9922c52e13644d451e67885168bfa27074c764c4 Mon Sep 17 00:00:00 2001
From: maximvelichko <mavel@microsoft.com>
Date: Mon, 21 Oct 2019 20:21:46 -0700
Subject: [PATCH 3/4] Update microsoft-defender-atp-mac-install-with-intune.md

---
 ...ft-defender-atp-mac-install-with-intune.md | 97 ++++++++++++++++++-
 1 file changed, 96 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
index 7a0f0c27d6..84e9cb78dd 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
@@ -188,7 +188,102 @@ You may now enroll more devices. You can also enroll them later, after you have
    </plist>
    ```
 
-9. Select **Manage > Assignments**.  In the **Include** tab, select **Assign to All Users & All devices**.
+9. To whitelist Defender and Auto Update for displaying notifications in UI on macOS 10.15 (Catalina), import the following .mobileconfig as a custom payload:
+
+   ```xml
+   <?xml version="1.0" encoding="UTF-8"?>
+   <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+   <plist version="1.0">
+     <dict>
+       <key>PayloadContent</key>
+       <array>
+         <dict>
+           <key>NotificationSettings</key>
+           <array>
+             <dict>
+               <key>AlertType</key>
+               <integer>2</integer>
+               <key>BadgesEnabled</key>
+               <true/>
+               <key>BundleIdentifier</key>
+               <string>com.microsoft.autoupdate2</string>
+               <key>CriticalAlertEnabled</key>
+               <false/>
+               <key>GroupingType</key>
+               <integer>0</integer>
+               <key>NotificationsEnabled</key>
+               <true/>
+               <key>ShowInLockScreen</key>
+               <false/>
+               <key>ShowInNotificationCenter</key>
+               <true/>
+               <key>SoundsEnabled</key>
+               <true/>
+             </dict>
+             <dict>
+               <key>AlertType</key>
+               <integer>2</integer>
+               <key>BadgesEnabled</key>
+               <true/>
+               <key>BundleIdentifier</key>
+               <string>com.microsoft.wdavtray</string>
+               <key>CriticalAlertEnabled</key>
+               <false/>
+               <key>GroupingType</key>
+               <integer>0</integer>
+               <key>NotificationsEnabled</key>
+               <true/>
+               <key>ShowInLockScreen</key>
+               <false/>
+               <key>ShowInNotificationCenter</key>
+               <true/>
+               <key>SoundsEnabled</key>
+               <true/>
+             </dict>
+           </array>
+           <key>PayloadDescription</key>
+           <string/>
+           <key>PayloadDisplayName</key>
+           <string>notifications</string>
+           <key>PayloadEnabled</key>
+           <true/>
+           <key>PayloadIdentifier</key>
+           <string>BB977315-E4CB-4915-90C7-8334C75A7C64</string>
+           <key>PayloadOrganization</key>
+           <string>Microsoft</string>
+           <key>PayloadType</key>
+           <string>com.apple.notificationsettings</string>
+           <key>PayloadUUID</key>
+           <string>BB977315-E4CB-4915-90C7-8334C75A7C64</string>
+           <key>PayloadVersion</key>
+           <integer>1</integer>
+         </dict>
+       </array>
+       <key>PayloadDescription</key>
+       <string/>
+       <key>PayloadDisplayName</key>
+       <string>mdatp - allow notifications</string>
+       <key>PayloadEnabled</key>
+       <true/>
+       <key>PayloadIdentifier</key>
+       <string>85F6805B-0106-4D23-9101-7F1DFD5EA6D6</string>
+       <key>PayloadOrganization</key>
+       <string>Microsoft</string>
+       <key>PayloadRemovalDisallowed</key>
+       <false/>
+       <key>PayloadScope</key>
+       <string>System</string>
+       <key>PayloadType</key>
+       <string>Configuration</string>
+       <key>PayloadUUID</key>
+       <string>85F6805B-0106-4D23-9101-7F1DFD5EA6D6</string>
+       <key>PayloadVersion</key>
+       <integer>1</integer>
+     </dict>
+   </plist>
+   ```
+
+10. Select **Manage > Assignments**.  In the **Include** tab, select **Assign to All Users & All devices**.
 
 Once the Intune changes are propagated to the enrolled devices, you can see them listed under **Monitor** > **Device status**:
 

From 9eb1febae988a8ebd53d238f258b499f2f1cc8c4 Mon Sep 17 00:00:00 2001
From: maximvelichko <mavel@microsoft.com>
Date: Mon, 21 Oct 2019 20:24:35 -0700
Subject: [PATCH 4/4] Update microsoft-defender-atp-mac-install-with-jamf.md

---
 .../microsoft-defender-atp-mac-install-with-jamf.md    | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md
index ceba0b90ff..99a5b6cc89 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md
@@ -122,11 +122,11 @@ Use the **Logs** tab to monitor deployment status for each enrolled device.
 
 Starting in macOS 10.15 (Catalina) a user must manually allow to display notifications in UI. To auto-enable notifications from Defender and Auto Update, you can import the .mobileconfig below into a separate configuration profile and assign it to all machines with Defender:
 
-'''xml
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
-<plist version="1.0"><dict><key>PayloadContent</key><array><dict><key>NotificationSettings</key><array><dict><key>AlertType</key><integer>2</integer><key>BadgesEnabled</key><true/><key>BundleIdentifier</key><string>com.microsoft.autoupdate2</string><key>CriticalAlertEnabled</key><false/><key>GroupingType</key><integer>0</integer><key>NotificationsEnabled</key><true/><key>ShowInLockScreen</key><false/><key>ShowInNotificationCenter</key><true/><key>SoundsEnabled</key><true/></dict><dict><key>AlertType</key><integer>2</integer><key>BadgesEnabled</key><true/><key>BundleIdentifier</key><string>com.microsoft.wdavtray</string><key>CriticalAlertEnabled</key><false/><key>GroupingType</key><integer>0</integer><key>NotificationsEnabled</key><true/><key>ShowInLockScreen</key><false/><key>ShowInNotificationCenter</key><true/><key>SoundsEnabled</key><true/></dict></array><key>PayloadDescription</key><string/><key>PayloadDisplayName</key><string>notifications</string><key>PayloadEnabled</key><true/><key>PayloadIdentifier</key><string>BB977315-E4CB-4915-90C7-8334C75A7C64</string><key>PayloadOrganization</key><string>Microsoft</string><key>PayloadType</key><string>com.apple.notificationsettings</string><key>PayloadUUID</key><string>BB977315-E4CB-4915-90C7-8334C75A7C64</string><key>PayloadVersion</key><integer>1</integer></dict></array><key>PayloadDescription</key><string/><key>PayloadDisplayName</key><string>mdatp - allow notifications</string><key>PayloadEnabled</key><true/><key>PayloadIdentifier</key><string>85F6805B-0106-4D23-9101-7F1DFD5EA6D6</string><key>PayloadOrganization</key><string>Microsoft</string><key>PayloadRemovalDisallowed</key><false/><key>PayloadScope</key><string>System</string><key>PayloadType</key><string>Configuration</string><key>PayloadUUID</key><string>85F6805B-0106-4D23-9101-7F1DFD5EA6D6</string><key>PayloadVersion</key><integer>1</integer></dict></plist>
-'''
+   ```xml
+   <?xml version="1.0" encoding="UTF-8"?>
+   <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+   <plist version="1.0"><dict><key>PayloadContent</key><array><dict><key>NotificationSettings</key><array><dict><key>AlertType</key><integer>2</integer><key>BadgesEnabled</key><true/><key>BundleIdentifier</key><string>com.microsoft.autoupdate2</string><key>CriticalAlertEnabled</key><false/><key>GroupingType</key><integer>0</integer><key>NotificationsEnabled</key><true/><key>ShowInLockScreen</key><false/><key>ShowInNotificationCenter</key><true/><key>SoundsEnabled</key><true/></dict><dict><key>AlertType</key><integer>2</integer><key>BadgesEnabled</key><true/><key>BundleIdentifier</key><string>com.microsoft.wdavtray</string><key>CriticalAlertEnabled</key><false/><key>GroupingType</key><integer>0</integer><key>NotificationsEnabled</key><true/><key>ShowInLockScreen</key><false/><key>ShowInNotificationCenter</key><true/><key>SoundsEnabled</key><true/></dict></array><key>PayloadDescription</key><string/><key>PayloadDisplayName</key><string>notifications</string><key>PayloadEnabled</key><true/><key>PayloadIdentifier</key><string>BB977315-E4CB-4915-90C7-8334C75A7C64</string><key>PayloadOrganization</key><string>Microsoft</string><key>PayloadType</key><string>com.apple.notificationsettings</string><key>PayloadUUID</key><string>BB977315-E4CB-4915-90C7-8334C75A7C64</string><key>PayloadVersion</key><integer>1</integer></dict></array><key>PayloadDescription</key><string/><key>PayloadDisplayName</key><string>mdatp - allow notifications</string><key>PayloadEnabled</key><true/><key>PayloadIdentifier</key><string>85F6805B-0106-4D23-9101-7F1DFD5EA6D6</string><key>PayloadOrganization</key><string>Microsoft</string><key>PayloadRemovalDisallowed</key><false/><key>PayloadScope</key><string>System</string><key>PayloadType</key><string>Configuration</string><key>PayloadUUID</key><string>85F6805B-0106-4D23-9101-7F1DFD5EA6D6</string><key>PayloadVersion</key><integer>1</integer></dict></plist>
+   ```
 
 ### Package