Our team is looking to get our on-premises Windows Servers onboarded to Microsoft Defender for Endpoint via the available onboarding scripts, and then get them to connect/talk with Microsoft Endpoint Manager so we can configure/push policy.
We have followed the documentation from MS provided here: https://learn.microsoft.com/en-us/mem/intune/protect/mde-security-integration?view=o365-worldwide
as well as the online documentation located here: https://jeffreyappel.nl/managing-microsoft-defender-for-endpoint-with-the-new-security-management-feature-in-mem/
and have enabled all options between the Microsoft Defender portal and the Microsoft Endpoint Manager portal.
We included the servers we wanted to test in the AAD Connect scope so they sync to Azure and register.
After all this, and after running the onboarding script, the servers appear with an error like this:
This device has a configuration enforcement error:
The device was onboarded to Microsoft Defender for Endpoint but encountered an issue registering to MEM and/or AAD.
Consider running the Client Analyzer and Contact Support.
We attempt to run the Client Analyzer tool but consistently get a general error of 31, and are unable to understand why. The MS docs on troubleshooting Hybrid Join aren't descriptive (https://learn.microsoft.com/en-us/azure/active-directory/devices/troubleshoot-hybrid-join-windows-current).
We have opened a ticket with Microsoft; the MDE team thought it was an Intune issue, and the Intune team is initially saying that it is not supported to have Windows Server devices appear in the Microsoft Endpoint Manager portal unless they are co-managed by SCCM, which the documentation does not mention as a hard requirement at all.
Has anyone else run into a similar issue or have ideas on how to fix this?
We are still working with MS support but any further help would be great.
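The post above describes three things that all have to line up on the server for the MEM/Intune "attach" to work: the MDE sensor must be onboarded, the sensor's own enrollment attempt with Intune must have succeeded, and the machine must be Azure AD hybrid joined. The following is an added PowerShell check, not code from the original post or from Microsoft; it is read-only and gathers exactly those local facts (plus recent sensor errors and outbound reachability) so that they can be handed to support or compared across servers. It assumes it is run in an elevated PowerShell session on one of the affected servers, that the server was onboarded with the standard MDE onboarding script, and that hybrid join via AAD Connect is expected. The registry paths and event log name are the documented ones for the MDE sensor; the interpretation of any `EnrollmentStatus` value other than 1 should be looked up in Microsoft's Security Management troubleshooting document rather than guessed, and this script does not try to explain the Client Analyzer's error 31.

```powershell
# Added example (not from the original post): read-only MDE / Security Management /
# hybrid-join state check for a Windows Server that shows the
# "onboarded but encountered an issue registering to MEM and/or AAD" error.
# Run elevated. Assumption: standard MDE onboarding script was used and the server
# is expected to be Azure AD hybrid joined through AAD Connect.

$report = [ordered]@{}

# 1. MDE sensor service and onboarding state.
#    OnboardingState = 1 under the ATP Status key means the onboarding script completed.
$sense = Get-Service -Name Sense -ErrorAction SilentlyContinue
$report['Sense service']   = if ($sense) { $sense.Status } else { 'service not installed' }
$atpStatusKey = 'HKLM:\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status'
$atpStatus    = Get-ItemProperty -Path $atpStatusKey -ErrorAction SilentlyContinue
$report['OnboardingState'] = if ($atpStatus) { $atpStatus.OnboardingState } else { 'key missing' }

# 2. Security Management for MDE (the MEM "attach") enrollment state.
#    The sensor writes its enrollment result under HKLM:\SOFTWARE\Microsoft\SenseCM.
#    EnrollmentStatus = 1 is a successful enrollment; any other code should be checked
#    against Microsoft's Security Management troubleshooting document.
$senseCm = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\SenseCM' -ErrorAction SilentlyContinue
if ($senseCm) {
    $senseCm.PSObject.Properties |
        Where-Object { $_.Name -notlike 'PS*' } |
        ForEach-Object { $report["SenseCM.$($_.Name)"] = $_.Value }
} else {
    $report['SenseCM'] = 'key missing (sensor has not attempted Intune enrollment yet)'
}

# 3. Azure AD hybrid join state, parsed from dsregcmd /status.
#    A hybrid-joined server should show DomainJoined : YES and AzureAdJoined : YES,
#    and AzureAdPrt : YES once a token has been obtained.
$dsreg = dsregcmd /status
foreach ($key in 'DomainJoined', 'AzureAdJoined', 'DeviceId', 'TenantId', 'AzureAdPrt') {
    $line = $dsreg | Where-Object { $_ -match "^\s*$key\s*:" } | Select-Object -First 1
    $report["dsregcmd.$key"] = if ($line) { ($line -split ':\s*', 2)[1].Trim() } else { 'not reported' }
}

# 4. Most recent errors/warnings logged by the sensor itself (Level 2 = Error, 3 = Warning).
$events = Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-SENSE/Operational'; Level = 2, 3 } `
                       -MaxEvents 20 -ErrorAction SilentlyContinue
$report['SENSE log (recent errors/warnings)'] = if ($events) {
    ($events | ForEach-Object { '{0} Id={1} {2}' -f $_.TimeCreated, $_.Id, (($_.Message -split "`n")[0]) }) -join "`n"
} else { 'none in the operational log' }

# 5. Outbound TCP/443 reachability to the Azure AD endpoints device registration depends on.
foreach ($endpoint in 'login.microsoftonline.com', 'enterpriseregistration.windows.net', 'device.login.microsoftonline.com') {
    $tnc = Test-NetConnection -ComputerName $endpoint -Port 443 -WarningAction SilentlyContinue
    $report["TCP443 $endpoint"] = if ($tnc.TcpTestSucceeded) { 'reachable' } else { 'BLOCKED' }
}

[pscustomobject]$report | Format-List
```

Read the output in the same order the sensor works through it: if `OnboardingState` is not 1 the problem is still onboarding, not MEM; if onboarding is fine but `dsregcmd.AzureAdJoined` is NO, the server has not completed hybrid join and the `SenseCM` enrollment cannot succeed regardless of the portal settings; only when both are good does a non-1 `SenseCM.EnrollmentStatus` point at the Security Management enrollment itself, which is where the Intune-side support question belongs.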