How to assign Microsoft Defender for Endpoint Policies

The first task is to assign a security group containing all users in scope for Microsoft Defender for Endpoint via Azure Licensing Management.

The second part is to apply the policies to a group of users. The syntax below can be used to create an Azure dynamic user group that auto-populates based on whether a user has a license for Microsoft Defender for Endpoint. Enter the rule with straight double quotes; typographic quotes pasted from a web page are not valid in the rule syntax.

user.assignedPlans -any (assignedPlan.servicePlanId -eq "111046dd-295b-4d6d-9724-d52ac90bd1f2" -and assignedPlan.capabilityStatus -eq "Enabled")
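
The same dynamic group can be created from PowerShell instead of the portal. This is an added example, not part of the original post; it assumes the Microsoft Graph PowerShell module is installed, and the group name, description and mail nickname are hypothetical placeholders.

```powershell
# Added example (not from the original post). Assumes the Microsoft.Graph
# PowerShell module is installed and the signed-in account may create groups.
Connect-MgGraph -Scopes 'Group.ReadWrite.All'

# Service plan ID exactly as given in the article.
$servicePlanId = '111046dd-295b-4d6d-9724-d52ac90bd1f2'

# Hypothetical names; change them to match your naming convention.
$groupName    = 'MDE-Licensed-Users'
$mailNickname = 'mde-licensed-users'

# Build the membership rule from the article's syntax.
$rule = 'user.assignedPlans -any (assignedPlan.servicePlanId -eq "{0}" -and assignedPlan.capabilityStatus -eq "Enabled")' -f $servicePlanId

# Guard against typographic quotes copied from a web page, which the
# rule parser rejects.
if ($rule -match '[\u201C\u201D\u2018\u2019]') {
    throw 'Membership rule contains curly quotes; replace them with straight quotes.'
}

# Reuse the group if it already exists so the script can be re-run safely.
$group = Get-MgGroup -Filter "displayName eq '$groupName'" | Select-Object -First 1

if (-not $group) {
    $group = New-MgGroup `
        -DisplayName $groupName `
        -Description 'Users licensed for Microsoft Defender for Endpoint (dynamic)' `
        -MailEnabled:$false `
        -MailNickname $mailNickname `
        -SecurityEnabled `
        -GroupTypes 'DynamicMembership' `
        -MembershipRule $rule `
        -MembershipRuleProcessingState 'On'
}

# Confirm the rule that was stored and that processing is switched on.
Get-MgGroup -GroupId $group.Id `
    -Property 'displayName,membershipRule,membershipRuleProcessingState' |
    Format-List DisplayName, MembershipRule, MembershipRuleProcessingState
```

Membership is evaluated asynchronously, so the group can stay empty for a while after creation.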
