Microsoft Defender ATP on macOS Big Sur

tyler_petro
New Contributor III

I have a weird issue I am seeing. We currently have most of our fleet on Mojave and Catalina, using Microsoft Defender ATP anti-virus (101.19.48). When I upgrade to Big Sur, MSATP still works, but requires you to allow the system extension and add the application to full disk access. After that, it gives the checkmark that it is setup.

If I have a device that comes with Big Sur, I install the same version of the client (the same way through a policy that pushes the package), also have the same config profiles (only added one extra to now allow the system extensions for 10.15 and up) and when I run the application, it says "No license found for our Microsoft 365 Enterprise Subscription". I had seen this on some of our Macs on 10.14 and 10.15 and usually fixed it by either running Microsoft auto-updater to update to the latest version or by ensuring the extension and app had full disk access. For some reason, these fixes arent working.

Has anything changed with Big Sur in regards to MSATP (besides the new system extensions config profile that needs to be pushed)?

5 REPLIES 5

bradhall1967
New Contributor

I just started testing Big Sur last week and am seeing the very same thing and have not yet figured this out

Cayde-6
Release Candidate Programs Tester

So I don't have that issue but I scope the install of WDATP and config profiles to Big Sur devices only, usually installs 10mins after an upgrade to Big Sur

Cayde-6
Release Candidate Programs Tester

Otherwise sounds like you need to install the config profiles for system extensions prior to upgrading to Big Sur

taugust_ric
Contributor

Not sure if this is helpful. Looks like there are updated config profiles to create for macOS 10.15.4 and later:

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/mac-whats...

tyler_petro
New Contributor III

I actually had to use the steps on this site:

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/mac-insta...

Apparently with Big Sur and using the newest version of MSATP, you now have to create an onboarding package and install it as a python script from terminal using bash.