wdavconfig.py => mdatp --health

Max Velitchko
2019-05-08 15:22:55 -07:00
parent ed83d70393
commit cbc377b547
2 changed files with 15 additions and 15 deletions

View File

@ -90,9 +90,7 @@ The installation will proceed.
The client machine is not associated with orgId. Note that the orgid is blank.
```bash
mavel-mojave:wdavconfig testuser$ sudo /Library/Extensions/wdavkext.kext/Contents/Resources/Tools/wdavconfig.py
uuid : 69EDB575-22E1-53E1-83B8-2E1AB1E410A6
orgid :
mavel-mojave:wdavconfig testuser$ mdatp --health orgId
```
2. Install the configuration file on a client machine:
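Review bot: The sentence above the block still says "Note that the orgid is blank", but the replacement command `mdatp --health orgId` is shown with no output line, so a reader cannot tell whether an empty result is the expected state or the output was simply omitted. Show the expected output, or state that the command prints nothing when the machine is not associated, and spell the key in the sentence as `orgId` to match the new command.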
@ -105,9 +103,8 @@ The installation will proceed.
3. Verify that the machine is now associated with orgId:
```bash
mavel-mojave:wdavconfig testuser$ sudo /Library/Extensions/wdavkext.kext/Contents/Resources/Tools/wdavconfig.py
uuid : 69EDB575-22E1-53E1-83B8-2E1AB1E410A6
orgid : E6875323-A6C0-4C60-87AD-114BBE7439B8
mavel-mojave:wdavconfig testuser$ mdatp --health orgId
E6875323-A6C0-4C60-87AD-114BBE7439B8
```
After installation, you'll see the Microsoft Defender icon in the macOS status bar in the top-right corner.
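Review bot: The replacement line `mdatp --health orgId` is run without `sudo`, while the `wdavconfig.py` line it replaces used it, and step 3 does not say whether root is still needed. If the new command works as a regular user, say so here so readers following the older instructions drop the `sudo`. The prompt also still shows the `wdavconfig` working directory, which no longer relates to the command; a neutral prompt such as the `~` used in the other file would read better.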

View File

@ -178,26 +178,29 @@ Thu Feb 21 11:17:23 mavel-mojave jamf[8051]: No patch policies were found.
You can also check the onboarding status:
```bash
mavel-mojave:~ testuser$ sudo /Library/Extensions/wdavkext.kext/Contents/Resources/Tools/wdavconfig.py
uuid : 69EDB575-22E1-53E1-83B8-2E1AB1E410A6
orgid : 79109c9d-83bb-4f3e-9152-8d75ee59ae22
orgid managed : 79109c9d-83bb-4f3e-9152-8d75ee59ae22
orgid effective : 79109c9d-83bb-4f3e-9152-8d75ee59ae22
mavel-mojave:~ testuser$ mdatp --health
...
licensed : true
orgId : "4751b7d4-ea75-4e8f-a1f5-6d640c65bc45"
...
```
- **orgid/orgid managed**: This is the Microsoft Defender ATP org id specified in the configuration profile. If this value is blank, then the Configuration Profile was not properly set.
- **licensed**: This is a confirmation that the machine is licensed for ATP.
- **orgid effective**: This is the Microsoft Defender ATP org id currently in use. If it does not match the value in the Configuration Profile, then the configuration has not been refreshed.
- **orgid**: Your ATP org id, it will be the same for your organization.
## Check onboarding status
You can check that machines are correctly onboarded by creating a script. For example, the following script checks that enrolled machines are onboarded:
```bash
sudo /Library/Extensions/wdavkext.kext/Contents/Resources/Tools/wdavconfig.py | grep -E 'orgid effective : [-a-zA-Z0-9]+'
mdatp --health healthy
```
This script returns 0 if Microsoft Defender ATP is registered with the Windows Defender ATP service, and another exit code if it is not installed or registered.
This script returns:
- 0 if Microsoft Defender ATP is registered with the Windows Defender ATP service
- 1 if the machine is not onboarded
- 3 if the connection to the daemon cannot be established (daemon is not running)
## Test alert
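Review bot: The check script now calls `mdatp --health healthy`, but the return codes listed under it describe registration and onboarding state, which is what the `grep` on `orgid effective` tested. Please confirm that the `healthy` attribute cannot be false on an onboarded machine; if it can, the "1 if the machine is not onboarded" entry is misleading and the script should query an onboarding attribute such as `orgId` or `licensed` instead. The list also goes from 1 to 3 without saying what 2 means, and the bullet labelled **orgid** should be spelled `orgId` to match the key in the sample output.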