This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 38%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEN%3C/text%3E%3C/svg%3E)
Hi all, we have a problem somewhere between Intune built device and ATP.
The problem we are experiencing is that we have setup the link between Intune and ATP and created a compliance policy for a machine risk of Medium.
All the devices are showing as none compliant on this policy due to risk level even though they are appearing in ATP as low risk.
In the company portal the device status is stating that Defender ATP isn’t installed but the services are there and running and the device is reporting into ATP ok.
Another possible issue is that the Microsoft Defender ATP page in Intune shows the connection enabled, but the last synchronized date is when we turned the connection on, I would have assumed that would regularly update?
A bit of background.
Laptops are a mixture of Azure joined and hybrid joined (both have the same issue). All are win ver 2004 or 1909 (both have the same problem).
We have run the ATP check script on the devices and the test alert appears in ATP, ATP also shows up to date check in times for the devices. So the problem doesn’t appear to be between the device and ATP.
Enterprise version of windows
M365 e5 licenses.
We have run through the MS ATP error checking pages and that all appears fine.
So in my eyes there appears to be an issues between the connecting Intune and ATP.
Any ideas?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 84%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
Device will sync the compliance policy status every 8 hours. How about waiting after 8 hours and seeing the status again?
Thanks for your reply, but this has been in place for well over a week now.
Ed.
Well the problem magically sorted itself out after about 3 weeks (I guess someone from MS decided to turn it on).
The script from above does actually (now) run every 6 hours.
As I know, this sync is only to import the onboarding script from ATP to Intune, in my eyes this should be enough that this sync is done once, because this script is not really changing every day.
Have you also created a Policy and assigned it to a Group of clients/user and also assigned the ATP License to the same or separate Group. I had a similar Problem, that the clients are not onboarded in ATP, when I run the script separate on the clients, it was working, in the end I forgot to assign the License part...