Skip to main content

I have distributed Windows ATP for Mac like described here



https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf



It works fine, but the auto update of the ATP does not work. According to https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/mac-updates



And I run ./msupdate --install --apps wdav00 no updates are found - even I can see the all clients are not updated and have a "yellow" alert sign



Anyone know how to add ATP so it will work with MAU?

Follow this link, commands listed at end of article:



https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/mac-resources

Try the command: ./msupdate --install -a wdav00



Seems to do the trick.

@jameson -

I know this is an OLD thread, but did you ever get it working?  I think I am in the same situation now.  The msupdate command just doesn't do anything, and I know the version of Defender is not the latest...

./msupdate --install --apps wdav00

Launch with elevated privileges
Detecting and downloading updates...
Cannot determine Update Assistant state.
Update Assistant is available.
Update Assistant is available.
Update Assistant is available.
Update Assistant is available.
Update Assistant is available.
Update Assistant is available.
Update Assistant is available.
Update Assistant is available.
Update Assistant is available.
Update Assistant is available.
Update Assistant is available.
No result returned from Update Assistant

 

This seems to be the case across all endpoints I have tried.... It also doesn't appear in the MAU GUI.

Here's a small script I run to kickstarter Defender updates:

 

#!/bin/bash

CONSOLE=$(/usr/bin/python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "\\n");')

 

/usr/bin/sudo -u $CONSOLE /Library/Application\\ Support/Microsoft/MAU2.0/Microsoft\\ AutoUpdate.app/Contents/MacOS/msupdate --install --apps wdav00


# Run Definition update check
/usr/local/bin/mdatp definitions update

 

exit

Just in case anyone finds it useful, I manged to get the autoupdater working by changing the config file to include 'Microsoft Defender.app' -- apaprently a previous name for it was Microsoft Defender ATP.app and that old config was knocking it out of Auto Update:

<key>/Applications/Microsoft Defender.app</key>
<dict>

<key>Application ID</key>
<string>WDAV00</string>

<key>LCID</key>
<integer>1033</integer>

</dict>

Just removed the old entry and added the above under the Applications key, in the existing plist generated by a Config Profile that was handling all the other apps.

 

Just in case anyone finds it useful, I manged to get the autoupdater working by changing the config file to include 'Microsoft Defender.app' -- apaprently a previous name for it was Microsoft Defender ATP.app and that old config was knocking it out of Auto Update:

<key>/Applications/Microsoft Defender.app</key>
<dict>

<key>Application ID</key>
<string>WDAV00</string>

<key>LCID</key>
<integer>1033</integer>

</dict>

Just removed the old entry and added the above under the Applications key, in the existing plist generated by a Config Profile that was handling all the other apps.

 


Hi - that does seem as though it would be useful.  Where does that config file (plist ?) live?

Thanks

EDIT - Found it...

Library/Preferences/com.microsoft.autoupdate2.plist

Reply


Terms & ConditionsCookie settings