Azure Arc connected Linux machines
I have multiple Linux machines (various supported distros) connected to Azure via Arc. MDE has deployed automatically and installed successfully on all systems. I created a security group in Entra and added the Service Principal (Entra device objects do not exist; should they?) for each Arc-connected machine to that Entra Security Group. I have created an Endpoint Security Policy in the Defender portal and applied it to said Entra Security Group. The goal is to manage the auto-deployed MDE installation via this policy.
The policy is not applying to any of the Linux servers. The Arc install appears healthy and the mdatp health command is showing Healthy:true Licensed:true and the Arc tags, et cetera. There are some error logs in /var/log/microsoft/mdatp but nothing jumps out at me as a cause other than the fact that the managed.json file doesn’t exist. My question is, how do I get the MDE install to be managed via this Endpoint Security Policy?