deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-08 02:27:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

updates to onboarding sections from Naama

Browse Source
This commit is contained in:
Iaan 2016-05-02 16:12:12 +10:00
parent 6d9fc52fa0
commit f680c11c9d
4 changed files with 18 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
windows/keep-secure/configure-endpoints-windows-defender-advanced-threat-protection.md
View File

@ -21,37 +21,33 @@ You can use a Group Policy (GP) configuration package or an automated script to
## Configure with System Center Configuration Manager (SCCM)
1. Open the SCCM configuration package .zip file (*WindowsATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://seville.windows.com): <span style="background-color: yellow;">Naama: Confirm package name</span>
1. Open the SCCM configuration package .zip file (*WindowsATPOnboardingPackage_ConfigurationManager.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://seville.windows.com):
a. Click **Client onboarding** on the **Navigation pane**.
b. Select **SCCM**, click **Download package**, and save the .zip file. <span style="background-color: yellow;">Iaan: Need to confirm the UI for this</span>
b. Select **SCCM**, click **Download package**, and save the .zip file.
2. Copy the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package.
<span style="background-color: yellow;">Iaan: Will confirm ui for this</span>
3. Import the configuration package by following the steps in the [How to Create Packages and Programs in Configuration Manager](https://technet.microsoft.com/en-us/library/gg682112.aspx#BKMK_Import) topic.
3. In the SCCM console, go to **Software Library**.
4. Under **Application Management**, right-click **Packages** and select **Import**.
5. Click **Browse** and choose the package that was downloaded from the portal (zip file).
6. The package will appear under the Packages page.
7. Right-click the Package and choose deploy.
8. Choose a predefined device collection to deploy the package to.
4. Deploy the package by following the steps in the [How to Deploy Packages and Programs in Configuration Manager](https://technet.microsoft.com/en-us/library/gg682178.aspx) topic.
a. Choose a predefined device collection to deploy the package to.
<span style="background-color: yellow;">Naama note: If its a package we create then well set the necessary privileges, otherwise provide guidance (Omri: what is the necessary privileges?)</span>
## Configure with Group Policy
Using the GP configuration package ensures your endpoints will be correctly configured to report to the Windows Defender ATP service.
> **Note**&nbsp;&nbsp; To use GP updates to deploy the package, you must be on Windows Server 2008 R2 or later. The endpoints must be running Windows 10 TAP.
1. Open the GP configuration package .zip file (*WindowsATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://seville.windows.com):
1. Open the GP configuration package .zip file (*WindowsATPOnboardingPackage_GroupPolicy.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://seville.windows.com):
a. Click **Client onboarding** on the **Navigation pane**.
b. Select **GP**, click **Download package** and save the .zip file.
2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the endpoints. You should have a folder called _*OptionalParamsPolicy*_ and the file _*WindowsATPOnboardingPackage.cmd*_.
2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the endpoints. You should have a folder called *OptionalParamsPolicy* and the file *WindowsATPOnboardingScript.cmd*.
3. Open the [Group Policy Management Console](https://technet.microsoft.com/en-us/library/cc731212.aspx) (GPMC), right-click the Group Policy Object (GPO) you want to configure and click **Edit**.
@ -63,7 +59,7 @@ Using the GP configuration package ensures your endpoints will be correctly conf
7. Select **Run whether user is logged on or not** and check the **Run with highest privileges** check box.
8. Go to the **Actions** tab and click **New** Ensure that **Start a program** is selected in the **Action** field. Enter the file name and location of the shared _*WindowsATPOnboardingPackage.cmd*_ file.
8. Go to the **Actions** tab and click **New...** Ensure that **Start a program** is selected in the **Action** field. Enter the file name and location of the shared *WindowsATPOnboardingScript.cmd* file.
9. Click **OK** and close any open GPMC windows.
@ -84,7 +80,7 @@ You can also manually onboard individual endpoints to Windows Defender ATP. You
![Window Start menu pointing to Run as administrator](images/run-as-admin.png)
3. Type the location of the script file. If you copied the file the
3. Type the location of the script file. If you copied the file to the
desktop, type: *```%userprofile%\Desktop\WindowsATPOnboardingScript.cmd```*
4. Press the **Enter** key or click **OK**.

BIN
windows/keep-secure/images/sccm-deployment.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 56 KiB

After

Width:  |  Height:  |  Size: 16 KiB

5
windows/keep-secure/minimum-requirements-windows-defender-advanced-threat-protection.md
View File

@ -58,8 +58,8 @@ disabled you can turn it on by following the instructions in the
### Deployment channel operating system requirements
You can choose to onboard endpoints with a scheduled Group Policy
(GP) update (using a GP package that you
download from the portal or during the service onboarding wizard) or
(GP) or System Center Configuration Manager (SCCM) update (using a configuration package that you
download from the portal or during the service onboarding wizard), or by making
manual registry changes.
The following describes the minimum operating system or software version
@ -68,5 +68,6 @@ required for each deployment channel.
Deployment channel | Minimum server requirements
:---|:---
Group Policy settings | Windows Server 2008 R2
System Center Configuration Manager | SCCM 2012
Manual registry modifications | No minimum requirements

42
windows/keep-secure/monitor-onboarding-windows-defender-advanced-threat-protection.md
View File

@ -9,7 +9,7 @@ ms.sitesec: library
author: mjcaparas
---
# Monitor the Windows Defender Advanced Threat Protection onboarding
# Monitor Windows Defender Advanced Threat Protection onboarding
**Applies to:**
@ -40,7 +40,7 @@ Monitoring with SCCM consists of two parts:
1. Confirming the configuration package has been correctly deployed and is running (or has successfully run) on the endpoints in your network.
[[[2. Checking that the endpoints are compliant with the Windows Defender ATP service (this ensures the endpoint can complete the onboarding process and can continue to report data to the service).]]
2. Checking that the endpoints are compliant with the Windows Defender ATP service (this ensures the endpoint can complete the onboarding process and can continue to report data to the service).
**To confirm the configuration package has been correctly deployed:**
@ -48,47 +48,13 @@ Monitoring with SCCM consists of two parts:
2. Click **Overview** and then **Deployments**.
3. Click on the deployment with the package name. <span style="background-color: yellow;">What is the name of the deployment, will it always be the same for every user/installation? - it's chosen by the user</span>
3. Click on the deployment with the package name.
4. Review the status indicators under **Completion Statistics** and **Content Status**.
If there are failed deployments (endpoints with **Error**, **Requirements Not Met**, or **Failed statuses**), you may need to troubleshoot the endpoints. See the [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) topic for more information.
<span style="background-color: yellow;">Naama: Is this a correct process for idendtifying/resolving issues? YES!</span>
![image](images/sccm-deployment.png)
[[**To check that your endpoints are compliant:**
1. Get the *compliance.cab* file from the SCCM configuration package .zip file (*WindowsATPOnboardingPackage.zip*) that you downloaded during the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://seville.windows.com):
1. Click **Client onboarding** on the **Navigation pane**.
2. Select **SCCM**, click **Download package** and save the .zip file. <span style="background-color: yellow;">Iaan: Need to confirm the UI for this</span>
3. Extract the *compliance.cab* file from the package.
2. In the SCCM console, click **Assets and Compliance** at the bottom of the navigation pane.
3. Click **Overview** and then **Compliance Settings**.
4. In the main area of the SCCM console, click **Configuration Baselines** and import the provided cab. <span style="background-color: yellow;">Iaan: Need to confirm that 'import' is available/ UI is correct</span>
5. Right-click the imported baseline and deploy to a predefined device collection. <span style="background-color: yellow;">Naama: Is this 'export' as in the screenshot, or is that showing something else?</span>
![image](images/export-sccm.png)
<span style="background-color: yellow;">Iaan: Need to confirm this is what it looks like</span>
6. In the SCCM console, click **Monitoring** at the bottom of the navigation pane.
7. Click **Overview** and then **Deployments**.
8. Click the deployment with the package name <span style="background-color: yellow;">Naama: What is the name of the deployment, will it always be the same for every user/installation?</span>
<span style="background-color: yellow;">Naama: How does one know if there is an issue?</span>
If there are non-compliant endpoints (endpoints with ?????), you may need to troubleshoot the endpoints. See the [Troubleshoot Windows Defender ATP onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) topic for more information.
<span style="background-color: yellow;">Naama: Is this a correct process for resolving issues?</span>]]]
![SCCM showing successful deployment with no errors](images/sccm-deployment.png)
## Related topics
- [Windows Defender ATP service onboarding](service-onboarding-windows-defender-advanced-threat-protection.md)