From 47fa4b004d4d8f1b3a85b489f5f4358c8ad41a92 Mon Sep 17 00:00:00 2001 From: David M <9053317+dmcwee@users.noreply.github.com> Date: Mon, 28 Oct 2024 12:10:33 -0400 Subject: [PATCH] Update mac-install-with-intune.md Correcting step 5 policy name, mobileconfig file links in steps 6-8, removed note in step 9 --- defender-endpoint/mac-install-with-intune.md | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/defender-endpoint/mac-install-with-intune.md b/defender-endpoint/mac-install-with-intune.md index ad440980f3..23bf63495b 100644 --- a/defender-endpoint/mac-install-with-intune.md +++ b/defender-endpoint/mac-install-with-intune.md @@ -217,7 +217,7 @@ To configure notifications: 1. Select **Create**. -1. On the **Basics** tab, **Name** the profile. For example, `BackgroundServices-prod-macOS-Default-MDE`. Then select **Next**. +1. On the **Basics** tab, **Name** the profile. For example, `Notify-prod-macOS-Default-MDE`. Then select **Next**. 1. On the **Configuration settings** tab, enter a **Custom configuration profile** name. For example, `Notif.mobileconfig`. @@ -233,7 +233,7 @@ To configure notifications: This profile is used to allow Microsoft Defender for Endpoint on macOS to access the accessibility settings on Apple macOS High Sierra (10.13.6) and newer. -Download [accessibility.mobileconfig](https://github.com/microsoft/mdatp-xplat/blob/master/macos/mobileconfig/profiles/accessibility.mobileconfig) from [GitHub repository](https://github.com/microsoft/mdatp-xplat/tree/master/macos/mobileconfig/profiles). +Download [accessibility.mobileconfig](https://raw.githubusercontent.com/microsoft/mdatp-xplat/refs/heads/master/macos/mobileconfig/profiles/accessibility.mobileconfig) from [GitHub repository](https://github.com/microsoft/mdatp-xplat/tree/master/macos/mobileconfig/profiles). 1. Under **Configuration profiles**, select **Create Profile**. @@ -262,7 +262,7 @@ Download [accessibility.mobileconfig](https://github.com/microsoft/mdatp-xplat/b > [!CAUTION] > macOS 14 (Sonoma) contains new privacy enhancements. Beginning with this version, by default, applications cannot access Bluetooth without explicit consent. Microsoft Defender for Endpoint uses it if you configure Bluetooth policies for Device Control. -Download [bluetooth.mobileconfig](https://github.com/microsoft/mdatp-xplat/blob/master/macos/mobileconfig/profiles/bluetooth.mobileconfig) from [GitHub repository](https://github.com/microsoft/mdatp-xplat/tree/master/macos/mobileconfig/profiles) and use the same workflow as in [Step 6: Accessibility settings](#step-6-accessibility-settings) to enable Bluetooth access. +Download [bluetooth.mobileconfig](https://raw.githubusercontent.com/microsoft/mdatp-xplat/refs/heads/master/macos/mobileconfig/profiles/bluetooth.mobileconfig) from [GitHub repository](https://github.com/microsoft/mdatp-xplat/tree/master/macos/mobileconfig/profiles) and use the same workflow as in [Step 6: Accessibility settings](#step-6-accessibility-settings) to enable Bluetooth access. > [!NOTE] > Bluetooth granted through Apple MDM Configuration Profile is not reflected in System Settings => Privacy & Security => Bluetooth. @@ -277,10 +277,10 @@ This profile is used to update the Microsoft Defender for Endpoint on macOS via For more information, see [Deploy updates for Microsoft Defender for Endpoint on macOS](mac-updates.md). -Download [AutoUpdate2.mobileconfig](https://github.com/microsoft/mdatp-xplat/blob/master/macos/settings/microsoft_auto_update/com.microsoft.autoupdate2.mobileconfig) from [GitHub repository](https://github.com/microsoft/mdatp-xplat/tree/master/macos/mobileconfig/profiles). +Download [com.microsoft.autoupdate2.mobileconfig](https://raw.githubusercontent.com/microsoft/mdatp-xplat/refs/heads/master/macos/settings/microsoft_auto_update/com.microsoft.autoupdate2.mobileconfig) from [GitHub repository](https://github.com/microsoft/mdatp-xplat/tree/master/macos/mobileconfig/profiles). > [!NOTE] -> The sample `AutoUpdate2.mobileconfig` from the GitHub repository has it set to Current Channel (Production). +> The sample `com.microsoft.autoupdate2.mobileconfig` from the GitHub repository has it set to Current Channel (Production). 1. Under **Configuration profiles**, select **Create Profile**. @@ -294,7 +294,7 @@ Download [AutoUpdate2.mobileconfig](https://github.com/microsoft/mdatp-xplat/blo 1. On the **Basics** tab, **Name** the profile. For example, `Autoupdate-prod-macOS-Default-MDE`. Then select **Next**. -1. On the **Configuration settings** tab, enter a **Custom configuration profile** name. For example, `Autoupdate.mobileconfig`. +1. On the **Configuration settings** tab, enter a **Custom configuration profile** name. For example, `com.microsoft.autoupdate2.mobileconfig`. 1. Choose a **Deployment channel** and select **Next**. @@ -329,9 +329,6 @@ For more information about managing security settings, see: - [Manage Microsoft Defender for Endpoint on devices with Microsoft Intune](/mem/intune/protect/mde-security-integration?pivots=mdssc-ga) - [Manage security settings for Windows, macOS, and Linux natively in Defender for Endpoint](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/manage-security-settings-for-windows-macos-and-linux-natively-in/ba-p/3870617) -> [!NOTE] -> If the device is managed via Intune, the device won't register via Defender for Endpoint Security Settings Management in the [Microsoft Defender portal](https://security.microsoft.com). Only the policies set via Intune take effect. - #### **Set policies using Microsoft Intune** You can manage the security settings for Microsoft Defender for Endpoint on macOS under **Setting Preferences** in Microsoft Intune.