Microsoft Defender Antivirus: Catch(up) me if you can!

Update: Microsoft confirmed this behavior and will correct this in the next Microsoft Intune update release, most probably the March update 2003.

If you are using Microsoft Defender Antivirus and managing your Windows 10 clients via co-management (Microsoft Endpoint Configuration Manager (MECM) or Microsoft Endpoint Manager (MEM), this blog might be interesting for you.

The catch-up scan block results in the opposite configuration the UI implies.

During an end-to-end multi-platform migration (including Windows 10, macOS, Windows Servers and Linux) of a 3rd party AV solution to Microsoft Defender (ATP) we noticed some striking behavior.

Continue reading “Microsoft Defender Antivirus: Catch(up) me if you can!”

Troubleshooting: Endpoint Configuration Manager Device Collection Membership Synchronization

Device collection membership Synchronization to Azure AD security groups (aka Azure AD Group sync) is introduced since 1906 and offers a multitude of new management options. Meanwhile a lot has been written and resulted in some great blog posts by various community peers like Nickolaj Andersen, Nick Hogarth as well as by Microsoft Docs.

What these resources have in common is they all describe how to enable and configure Azure AD group sync. In this blog post I’ll go in to more details what’s behind the scenes, how device collection synchronization works and what actions you can take in the event of troubleshooting is desired.

Continue reading “Troubleshooting: Endpoint Configuration Manager Device Collection Membership Synchronization”