Troubleshoot license issues for Microsoft Defender for Endpoint on macOS
Applies to:
- Microsoft Defender for Endpoint on macOS
- Microsoft Defender for Endpoint Plan 1
- Microsoft Defender for Endpoint Plan 2
- Microsoft Defender XDR
Want to experience Microsoft Defender for Endpoint? Sign up for a free trial.
No license found
When Microsoft Defender for Endpoint on macOS is being deployed, an error message with an x on top of the Microsoft Defender for Endpoint on macOS shield appears.
Select the x symbol.
Message
When you select the x symbol, you see options as shown in the following screenshot:
When you select Action needed, you get the error message as shown in the following screenshot:
You encounter this message in a different way: If you're using the terminal to enter mdatp health without the double quotes, the message as shown in the following screenshot is displayed:
Cause
You can encounter an error if you've deployed and/or installed the Microsoft Defender for Endpoint on macOS package Download installation packages, but you might not have run the configuration script Download the onboarding package that contains the license settings. For information on troubleshooting in this scenario, see If you didn't run the configuration script.
You can encounter an error message when the Microsoft Defender for Endpoint on macOS agent isn't up to date. For information on troubleshooting in this scenario, see If Microsoft Defender for Endpoint on macOS isn't up to date.
You can encounter an error message if you offboarded and reonboarded Mac from Microsoft Defender for Endpoint on macOS.
You can encounter an error message if a license isn't assigned to a user. For information on troubleshooting in this scenario, see If a license isn't assigned to a user.
Solutions
If you did not run the configuration script
This section describes the troubleshooting measures when the error/warning message is caused by nonexecution of the configuration script. The script contains the license settings when the Microsoft Defender for Endpoint on macOS package is installed and deployed.
Depending on the deployment management tool used, follow the tool-specific instructions to onboard the package (register the license) as described in the following table:
| Management | License deployment instructions (Onboarding instructions) |
|---|---|
| Intune | Download the onboarding package |
| JamF | Step 1: Get the Microsoft Defender for Endpoint onboarding package |
| Other MDM | License settings |
| Manual installation | Download installation and onboarding packages; and Onboarding Package |
Note
If the onboarding package runs correctly, the licensing information will be located in /Library/Application Support/Microsoft/Defender/com.microsoft.wdav.atp.plist.
If Microsoft Defender for Endpoint on macOS is not up to date
For scenarios where Microsoft Defender for Endpoint on macOS isn't up to date, you need to update the agent.
If Microsoft Defender for Endpoint on macOS has been offboarded
When the offboarding script is executed on the macOS, it saves a file in /Library/Application Support/Microsoft/Defender/ and it's named com.microsoft.wdav.atp.offboarding.plist.
If the file exists, it will prevent the macOS from being onboarded again. Delete the com.microsoft.wdav.atp.offboarding.plist running the onboarding script again.
If a license is not assigned to a user
In the Microsoft Defender portal (security.microsoft.com), select Settings, and then select Endpoints.
Select Licenses.
Select View and purchase licenses in the Microsoft 365 admin center. The following screen in the Microsoft 365 admin center portal appears:
Check the checkbox of the license you want to purchase from Microsoft, and select it. The screen displaying detail of the chosen license appears:
Select the Assign licenses link.
The following screen appears:
Select + Assign licenses.
Enter the name or email address of the person to whom you want to assign this license. The following screen appears, displaying the details of the chosen license assignee and a list of options.
Check the checkboxes for Microsoft 365 Advanced Auditing, Microsoft Defender XDR, and Microsoft Defender for Endpoint. Then select Save.
On implementing these solution-options (either of them), if the licensing issues have been resolved, and then you run mdatp health, you should see the following results:
Sign in with your Microsoft account
Message
Sign in with your Microsoft account to get started.
Create new account or Switch to enterprise app.
Cause
You've downloaded and installed Microsoft Defender for individuals on macOS on top of previously installed Microsoft Defender for Endpoint.
Solution
Select Switch to enterprise app to switch to Enterprise experience.
You can also suppress switching to experience for Individuals on MDM-enrolled machines by including userInterface/consumerExperience in the Defender's settings:
<key>userInterface</key>
<dict>
<key>consumerExperience</key>
<string>disabled</string>
</dict>
Recommended content
- Manual deployment for Microsoft Defender for Endpoint on macOS: Install Microsoft Defender for Endpoint on macOS manually from the command line.
- Set up the Microsoft Defender for Endpoint on macOS policies in Jamf Pro: Learn how to set up the Microsoft Defender for Endpoint on macOS policies in Jamf Pro.
- Microsoft Defender for Endpoint on Mac: Learn how to install, configure, update, and use Microsoft Defender for Endpoint on Mac.
- Deploying Microsoft Defender for Endpoint on macOS with Jamf Pro: Learn how to deploy Microsoft Defender for Endpoint on macOS with Jamf Pro.
Tip
Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for