MicrosoftDocs
diff --git a/‎memdocs/intune/protect/includes/security-config-mgt-prerequisites.md‎
Lines changed: 2 additions & 7 deletions b/‎memdocs/intune/protect/includes/security-config-mgt-prerequisites.md‎
Lines changed: 2 additions & 7 deletions
diff --git a/‎memdocs/intune/protect/media/mde-security-integration/add-role-in-mde.png‎
-79.8 KB b/‎memdocs/intune/protect/media/mde-security-integration/add-role-in-mde.png‎
-79.8 KB
diff --git a/‎memdocs/intune/protect/media/mde-security-integration/add-role.png‎
-65.3 KB b/‎memdocs/intune/protect/media/mde-security-integration/add-role.png‎
-65.3 KB
diff --git a/‎windows-365/enterprise/health-checks.md‎
Lines changed: 1 addition & 1 deletion b/‎windows-365/enterprise/health-checks.md‎
Lines changed: 1 addition & 1 deletion
@@ -4,7 +4,7 @@ description: include file
 author: brenduns
 ms.service: microsoft-intune
 ms.author: brenduns
-ms.date: 05/12/2022
+ms.date: 09/12/2022
 ms.topic: include
 ---
 ## Prerequisites
@@ -123,13 +123,8 @@ To support Microsoft Defender for Endpoint security configuration management thr
    > [!TIP]
    > Use pilot mode and the proper device tags to test and validate your rollout on a small number of devices. Without using pilot mode, any device that falls into the scope configured will automatically be enrolled.
 
-1. Make sure the relevant users have permissions to manage endpoint security settings in Microsoft Endpoint Manager or grant those permissions by configuring a role in the Microsoft 365 Defender portal. Go to **Settings** > **Roles** > **Add item**:
-   :::image type="content" source="../media/mde-security-integration/add-role-in-mde.png" alt-text="Create a new role in the Defender portal.":::
-   > [!TIP]
-   > You can modify existing roles and add the necessary permissions versus creating additional roles in Microsoft Defender for Endpoint
-1. When configuring the role, add users and be sure to select **Manage endpoint security settings in Microsoft Endpoint Manager**:
+1. Make sure the relevant users have permissions to manage endpoint security settings in Microsoft Endpoint Manager. If not already provided, request for your IT administrator to grant applicable users the Microsoft Endpoint Manager’s **Endpoint Security Manager** [built-in RBAC role](/mem/intune/fundamentals/role-based-access-control).
 
-      :::image type="content" source="../media/mde-security-integration/add-role.png" alt-text="Grant users permissions to manage settings.":::
 1. Sign in to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
 1. Select **Endpoint security** > **Microsoft Defender for Endpoint**, and set **Allow Microsoft Defender for Endpoint to enforce Endpoint Security Configurations** to **On**.
 
 
@@ -64,7 +64,7 @@ Every failed ANC or success with warning error state includes the technical deta
 - **First party app permissions exist on Azure virtual network**: Sufficient permissions exist on the Azure vNet.
 - **Environment and configuration is ready**: Underlying infrastructure is ready for provisioning to succeed.
 - **Intune enrollment restrictions allow Windows enrollment**: Verify that Intune enrollment restrictions are configured to allow Windows enrollment.
-- **Localization language package readiness**: Verify that the operating system and Microsoft 365 language packages can install. Also verify that the localization package download link is reachable.
+- **Localization language package readiness**: Verify that the operating system and Microsoft 365 language packages are reachable. Also verify that the localization package download link is reachable.
 
 <!-- ########################## -->
 ## Next steps