macOS Device Control policies frequently asked questions (FAQ)
Applies to:
- Microsoft Defender for Endpoint Plan 1
- Microsoft Defender for Endpoint Plan 2
- Microsoft Defender XDR
- Microsoft Defender for Business
This article provides answers to frequently asked questions about Device Control capabilities in Microsoft Defender for Endpoint.
Questions | Answers
How do I know whether the machine is Device Control enabled, and what is the Default Enforcement?
Answer: Run mdatp device-control policy preferences list to see all the iOS policies on this machine:
How do I know whether the policy has been delivered to the client machine?
Answer: Run mdatp device-control policy rules list to see all the iOS policies on this machine:
Answer 2: Run mdatp device-control policy groups list to see all the iOS groups on this machine:
See also
- Device Control for macOS
- Deploy and manage Device Control using Intune
- Deploy and manage Device Control using jamf
Tip
Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for