You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: memdocs/intune/protect/mde-security-integration.md
+9-8Lines changed: 9 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -7,7 +7,7 @@ keywords:
7
7
author: brenduns
8
8
ms.author: brenduns
9
9
manager: dougeby
10
-
ms.date: 05/12/2022
10
+
ms.date: 07/28/2022
11
11
ms.topic: how-to
12
12
ms.service: microsoft-intune
13
13
ms.subservice: protect
@@ -64,6 +64,14 @@ When you select a policy, you'll see information about the device check-in statu
64
64
65
65
## Frequently asked questions and considerations
66
66
67
+
### Device check-in frequency
68
+
69
+
Devices managed by this capability check in with Microsoft Endpoint Manager every 90 minutes to update policy.
70
+
71
+
### Devices protected by Tamper Protection
72
+
73
+
If a device has Tamper Protection turned on, it will not be possible to edit its settings without turning Tamper Protection off. When editing settings for a device with Tamper Protection turned on, Microsoft Endpoint Manager presents a *Failed* setting status with an error code of `-2147024891`.
74
+
67
75
### Assignment Filters and Security Management for Microsoft Defender for Endpoint
68
76
69
77
Assignment filters aren't supported for devices communicating through the Microsoft Defender for Endpoint channel. While assignment filters can be added to a policy that could be targeted at these devices, the device will ignore assignment filters. For assignment filter support, the device must be enrolled in to Microsoft Endpoint Manager.
@@ -92,13 +100,6 @@ The following security settings are pending deprecation. The Security Management
92
100
### Managing security configurations on domain controllers
93
101
94
102
Currently, devices are not supported to complete a Hybrid Join to Azure Active Directory. Since an Azure Active Directory trust is required, domain controllers aren't currently supported. We're looking at ways to add this support.
95
-
96
-
<!-- Removing until GA behavior is known>
97
-
### Non-persistent VDI environments
98
-
99
-
Due to the potential effect on Azure Active Directory environments with respect to device lifecycle and service quota, we advise against testing the current installation files and builds shared in this public preview in a non-persistent VDI environment.
100
-
-->
101
-
102
103
### Server Core installation
103
104
104
105
Due to the platform limitations of Server core installations, these are not supported by Security Management for Microsoft Defender for Endpoint.
0 commit comments