You might need to troubleshoot the Windows Defender ATP onboarding process if you encounter issues. This page provides detailed steps to troubleshoot onboarding issues that might occur when deploying with one of windows 7 software center pending verification deployment tools and common errors that might occur on the machines. If you have completed the onboarding process and don’t see machines in the Machines list after an hour, it might indicate an onboarding or connectivity problem. Troubleshoot onboarding when deploying with Group Policy Deployment with Group Policy is done by running the onboarding script on the machines.
The Group Policy console does not indicate if the deployment has succeeded or not. If you have completed the onboarding process and don’t see machines in the Machines list after an hour, you can check the output of the script on the machines. For more information, see Troubleshoot onboarding when deploying with a script. If the script completes successfully, see Troubleshoot onboarding issues for additional errors that might occur. Deployment with the above-mentioned versions of System Center Configuration Manager is done by running the onboarding script on the machines. You can track the deployment in the Configuration Manager Console. If the deployment fails, you can check the output of the script on the machines.
If the onboarding completed successfully but the machines are not showing up in the Machines list after an hour, see Troubleshoot onboarding issues for additional errors that might occur. Click Start, type Event Viewer, and press Enter. Look for an event from WDATPOnboarding event source. If the script fails and the event is an error, you can check the event ID in the following table to help you troubleshoot the issue. The following event IDs are specific to the onboarding script only.
Did not find what they wanted? Try here
Verify that the script was ran as an administrator. If the machine is running Windows 10, version 1607 and running the command sc query sense returns START_PENDING, reboot the machine. If rebooting the machine doesn’t address the issue, upgrade to KB4015217 and try onboarding again. If the message of the error is: System error 577 has occurred. You need to enable the Windows Defender Antivirus ELAM driver, see Ensure that Windows Defender Antivirus is not disabled by a policy for instructions. The service could have taken more time to start or has encountered errors while trying to start.
For more information on events and errors related to SENSE, see Review events and errors using Event viewer. The script failed to find it after several seconds. You can manually test it and check if it’s there. The SENSE service has failed to onboard properly. Run the script again with administrator privileges. Troubleshoot onboarding issues using Microsoft Intune You can use Microsoft Intune to check error codes and attempt to troubleshoot the cause of the issue. If you have configured policies in Intune and they are not propagated on machines, you might need to configure automatic MDM enrollment.
If none of the event logs and troubleshooting steps work, download the Local script from the Machine management section of the portal, and run it in an elevated command prompt. Check the event IDs in the View agent onboarding errors in the machine event log section. Check the MDM event logs in the following table or follow the instructions in Diagnose MDM failures in Windows 10. Possible cause: Windows Defender ATP Policy registry key does not exist or the OMA DM client doesn’t have permissions to write to it. If it doesn’t exist, open an elevated command and add the key. Possible cause: An attempt to remediate by read-only property. Troubleshooting steps: Check the troubleshooting steps in Troubleshoot Windows Defender Advanced Threat Protection onboarding issues.
Currently is supported platforms: Enterprise, Education, and Professional. The following table provides information on issues with non-compliance and how you can address the issues. Possible cause: Check that user passed OOBE after Windows installation or upgrade. During OOBE onboarding couldn’t be completed but SENSE is running already. Troubleshooting steps: Wait for OOBE to complete. Possible cause: Sense service’s startup type is set as “Delayed Start”.