mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-13 13:57:22 +00:00
Iaan Wiltshire
commit
dbc35a8078
@ -4,7 +4,7 @@ description: Use the Group Policy Console to configure settings that enable samp
|
||||
keywords: configuration settings, Windows Defender ATP configuration settings, Windows Defender Advanced Threat Protection configuration settings, group policy Management Editor, computer configuration, policies, administrative templates,
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl:
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
author: mjcaparas
|
||||
---
|
||||
@ -37,11 +37,6 @@ You can use Group Policy (GP) to configure settings, such as settings for the sa
|
||||
|
||||
6. Choose to enable or disable sample sharing from your endpoints.
|
||||
|
||||
## Configure sample collection settings with Configuration Manager
|
||||
|
||||
TBA
|
||||
|
||||
|
||||
## Related topics
|
||||
- [Windows Defender ATP service onboarding](service-onboarding-windows-advanced-threat-protection.md)
|
||||
- [Configure Windows Defender ATP endpoints (client onboarding)](configure-endpoints-windows-advanced-threat-protection.md)
|
||||
|
||||
@ -4,7 +4,7 @@ description: Use Group Policy to deploy the configuration package or do manual r
|
||||
keywords: configure endpoints, client onboarding, configure Windows ATP endpoints, configure Windows Defender Advanced Threat Protection endpoints
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl:
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
author: mjcaparas
|
||||
---
|
||||
@ -17,6 +17,27 @@ author: mjcaparas
|
||||
|
||||
You can use a Group Policy (GP) configuration package or an automated script to configure endpoints. You can deploy the GP configuration package or script with a GP update, or manually through the command line.
|
||||
|
||||
## Configure with System Center Configuration Manager (SCCM)
|
||||
|
||||
1. Open the SCCM configuration package .zip file (*WindowsATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://seville.windows.com): <span style="background-color: yellow;">Naama: Confirm package name</span>
|
||||
|
||||
a. Click **Client onboarding** on the **Navigation pane**.
|
||||
|
||||
b. Select **SCCM**, click **Download package**, and save the .zip file. <span style="background-color: yellow;">Iaan: Need to confirm the UI for this</span>
|
||||
|
||||
2. Copy the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package.
|
||||
|
||||
<span style="background-color: yellow;">Iaan: Will confirm ui for this</span>
|
||||
|
||||
3. In the SCCM console, go to **Software Library**.
|
||||
4. Under **Application Management**, right-click **Packages** and select **Import**.
|
||||
5. Click **Browse** and choose the package that was downloaded from the portal (zip file).
|
||||
6. The package will appear under the Packages page.
|
||||
7. Right-click the Package and choose deploy.
|
||||
8. Choose a predefined device collection to deploy the package to.
|
||||
|
||||
<span style="background-color: yellow;">Naama note: If it’s a package we create then we’ll set the necessary privileges, otherwise provide guidance (Omri: what is the necessary privileges?)</span>
|
||||
|
||||
## Configure with Group Policy
|
||||
Using the GP configuration package ensures your endpoints will be correctly configured to report to the Windows Defender ATP service.
|
||||
|
||||
@ -46,27 +67,6 @@ Using the GP configuration package ensures your endpoints will be correctly conf
|
||||
|
||||
For additional settings, see the [Additional configuration settings section](additional-configuration-windows-advanced-threat-protection.md).
|
||||
|
||||
## Configure with System Center Configuration Manager (SCCM)
|
||||
|
||||
1. Open the SCCM configuration package .zip file (*WindowsATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://seville.windows.com): <span style="background-color: yellow;">Naama: Confirm package name</span>
|
||||
|
||||
a. Click **Client onboarding** on the **Navigation pane**.
|
||||
|
||||
b. Select **SCCM**, click **Download package**, and save the .zip file. <span style="background-color: yellow;">Iaan: Need to confirm the UI for this</span>
|
||||
|
||||
2. Copy the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package.
|
||||
|
||||
<span style="background-color: yellow;">Iaan: Will confirm ui for this</span>
|
||||
|
||||
3. In the SCCM console, go to **Software Library**.
|
||||
4. Under **Application Management**, right-click **Packages** and select **Import**.
|
||||
5. Click **Browse** and choose the package that was downloaded from the portal (zip file).
|
||||
6. The package will appear under the Packages page.
|
||||
7. Right-click the Package and choose deploy.
|
||||
8. Choose a predefined device collection to deploy the package to.
|
||||
|
||||
<span style="background-color: yellow;">Naama note: If it’s a package we create then we’ll set the necessary privileges, otherwise provide guidance (Omri: what is the necessary privileges?)</span>
|
||||
|
||||
## Configure endpoints manually with registry changes
|
||||
You can also manually onboard individual endpoints to Windows Defender ATP. You might want to do this first when testing the service before you commit to onboarding all endpoints in your network.
|
||||
|
||||
@ -83,7 +83,7 @@ You can also manually onboard individual endpoints to Windows Defender ATP. You
|
||||
|
||||
|
||||
3. Type the location of the script file. If you copied the file the
|
||||
desktop, type:```*%userprofile%\Desktop\WindowsATPOnboardingScript.sc*```
|
||||
desktop, type: *```%userprofile%\Desktop\WindowsATPOnboardingScript.cmd```*
|
||||
|
||||
4. Press the **Enter** key or click **OK**.
|
||||
|
||||
@ -94,4 +94,3 @@ See the [Troubleshoot Windows Defender Advanced Threat Protection onboarding iss
|
||||
- [Monitor the Windows Defender ATP onboarding](monitor-onboarding-windows-advanced-threat-protection.md)
|
||||
- [Additional Windows Defender ATP configuration settings](additional-configuration-windows-advanced-threat-protection.md)
|
||||
- [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-advanced-threat-protection.md)
|
||||
|
||||
|
||||
@ -4,7 +4,7 @@ description: Monitor the onboarding of the Windows Defender ATP service to ensur
|
||||
keywords: monitor onboarding, monitor Windows Defender ATP onboarding, monitor Windows Defender Advanced Threat Protection onboarding
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl:
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
author: mjcaparas
|
||||
---
|
||||
@ -30,15 +30,15 @@ Monitoring can be done directly on the portal, or by using System Center Configu
|
||||
3. Verify that endpoints are appearing.
|
||||
|
||||
|
||||
> **Note** It can take several days for endpoints to start showing on the **Machines view**. This includes the time it takes for the Group Policy (GP) update to be distributed to the endpoint, the time it takes before the user logs on or initiates a GP update, and the time it takes for the endpoint to start reporting to the portal.
|
||||
> **Note** It can take several days for endpoints to start showing on the **Machines view**. This includes the time it takes for the policies to be distributed to the endpoint, the time it takes before the user logs on, and the time it takes for the endpoint to start reporting.
|
||||
|
||||
## Monitoring with System Center Configuration Manager
|
||||
## Monitor with System Center Configuration Manager
|
||||
|
||||
Monitoring with SCCM consists of two parts:
|
||||
|
||||
1. Confirming the configuration package has been correctly deployed and is running (or has successfully run) on the endpoints in your network.
|
||||
|
||||
2. Checking that the endpoints are compliant with the Windows Defender ATP service (this ensures the endpoint can complete the onboarding process and can continue to report data to the service).
|
||||
[[[2. Checking that the endpoints are compliant with the Windows Defender ATP service (this ensures the endpoint can complete the onboarding process and can continue to report data to the service).]]
|
||||
|
||||
**To confirm the configuration package has been correctly deployed:**
|
||||
|
||||
@ -46,17 +46,17 @@ Monitoring with SCCM consists of two parts:
|
||||
|
||||
2. Click **Overview** and then **Deployments**.
|
||||
|
||||
3. Click on the deployment with the package name. <span style="background-color: yellow;">What is the name of the deployment, will it always be the same for every user/installation?</span>
|
||||
3. Click on the deployment with the package name. <span style="background-color: yellow;">What is the name of the deployment, will it always be the same for every user/installation? - it's chosen by the user</span>
|
||||
|
||||
4. Review the status indicators under **Completion Statistics** and **Content Status**.
|
||||
|
||||
If there are failed deployments (endpoints with **Error**, **Requirements Not Met**, or **Failed statuses**), you may need to troubleshoot the endpoints. See the [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-advanced-threat-protection.md) topic for more information.
|
||||
|
||||
<span style="background-color: yellow;">Naama: Is this a correct process for idendtifying/resolving issues?</span>
|
||||
<span style="background-color: yellow;">Naama: Is this a correct process for idendtifying/resolving issues? YES!</span>
|
||||
|
||||
|
||||
|
||||
**To check that your endpoints are compliant:**
|
||||
[[**To check that your endpoints are compliant:**
|
||||
|
||||
1. Get the *compliance.cab* file from the SCCM configuration package .zip file (*WindowsATPOnboardingPackage.zip*) that you downloaded during the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://seville.windows.com):
|
||||
|
||||
@ -86,7 +86,7 @@ If there are failed deployments (endpoints with **Error**, **Requirements Not Me
|
||||
|
||||
If there are non-compliant endpoints (endpoints with ?????), you may need to troubleshoot the endpoints. See the [Troubleshoot Windows Defender ATP onboarding issues](troubleshoot-onboarding-windows-advanced-threat-protection.md) topic for more information.
|
||||
|
||||
<span style="background-color: yellow;">Naama: Is this a correct process for resolving issues?</span>
|
||||
<span style="background-color: yellow;">Naama: Is this a correct process for resolving issues?</span>]]]
|
||||
|
||||
## Related topics
|
||||
- [Windows Defender ATP service onboarding](service-onboarding-windows-advanced-threat-protection.md)
|
||||
|
||||
@ -6,10 +6,10 @@ search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl:
|
||||
ms.sitesec: library
|
||||
author: mjcaparas
|
||||
author: iaanw
|
||||
---
|
||||
|
||||
# Onboard endpoints and set up the Windows Defender ATP user access
|
||||
# Onboard and set up Windows Defender Advanced Threat Protection
|
||||
|
||||
**Applies to**
|
||||
|
||||
@ -24,14 +24,14 @@ There are two stages to onboarding:
|
||||
1. Set up user access in AAD and use a wizard to create a dedicated
|
||||
cloud instance for your network (known as “service onboarding”).
|
||||
|
||||
2. Add endpoints to the service with scheduled GP updates or manual
|
||||
2. Add endpoints to the service with System Center Configuration Manager, scheduled GP updates, or manual
|
||||
registry changes (known as “endpoint onboarding”).
|
||||
|
||||
## In this section
|
||||
Topic | Description
|
||||
:---|:---
|
||||
[Windows Defender ATP service onboarding](service-onboarding-windows-advanced-threat-protection.md) | Learn about managing user access to the Windows Defender ATP portal by assigning users to the Windows Defender ATP service application in ADD.
|
||||
[Configure Windows Defender ATP endpoints (client onboarding)](configure-endpoints-windows-advanced-threat-protection.md) | You'll need to configure endpoints for it to report to the Windows Defender ATP service. Learn how you can use the configuration package to configure endpoints in your enterprise.
|
||||
[Configure Windows Defender ATP endpoints (endpoint onboarding)](configure-endpoints-windows-advanced-threat-protection.md) | You'll need to configure endpoints for it to report to the Windows Defender ATP service. Learn how you can use the configuration package to configure endpoints in your enterprise.
|
||||
[Monitor the Windows Defender ATP onboarding](monitor-onboarding-windows-advanced-threat-protection.md) | Learn how you can monitor the onboarding to ensure your endpoints are correctly configured and are sending telemetry reports.
|
||||
[Additional Windows Defender ATP configuration settings](additional-configuration-windows-advanced-threat-protection.md) | This topic describes the steps you need to take to configure settings for sample sharing used in the deep analysis feature.
|
||||
[Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-advanced-threat-protection.md) | This topic contains information on how you can resolve issues that might arise during onboarding.
|
||||
|
||||
@ -4,14 +4,15 @@ description: Assign users to the Windows Defender ATP service application in Azu
|
||||
keywords: service onboarding, Windows Defender Advanced Threat Protection service onboarding
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl:
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
author: mjcaparas
|
||||
---
|
||||
|
||||
# Windows Defender ATP service onboarding
|
||||
# Windows Defender ATP service onboarding
|
||||
|
||||
- Windows 10 Insider Preview
|
||||
- Azure Active Directory
|
||||
|
||||
<span style="color:#ED1C24;">[Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]</span>
|
||||
|
||||
|
||||
@ -4,7 +4,7 @@ description: Troubleshoot issues that might arise during the onboarding of endpo
|
||||
keywords: troubleshoot onboarding, onboarding issues, event viewer, azure management portal, data collection and preview builds
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: W10
|
||||
ms.mktglfcycl:
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
author: mjcaparas
|
||||
---
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user