Symptom

New Windows 11, version 24H2 devices that are intended to be onboarded to Microsoft Defender for Endpoint might require customers to enable the prerequisite feature. This affects all supported architectures. 

IT admins might observe devices not being able to be onboarded to the Defender for Endpoint cloud service, and not receiving the expected protection as a result, even if Intune is expected to execute the onboarding sequence by applying an endpoint detection and response (EDR) policy. Intune will also display an error as it is unable to successfully apply the policy. Users may also not be able to connect to corporate resources if a Conditional Access policy is configured to require Defender for Endpoint being enabled and actively reporting in. Compliance status is visible in the Microsoft Intune device compliance dashboard. This might happen in one of the following scenarios.

  • A user buys a new device that has the Home SKU. This SKU does not support Defender for Endpoint. Then the user upgrades to Pro using a Pro product key. This process, called “transmog,” does not install Defender for Endpoint, which is by design. The Defender for Endpoint agent is not correctly enrolled in the Defender for Endpoint service, and the device is not protected.

  • A user buys a new device that has the Pro SKU, and the OEM did not install the required feature. 

Important Defender for Endpoint has been removed from the base image for Windows 11, version 24H2 and needs to be manually installed whenever a device goes from Home to Pro.

Workaround

Use the Deployment Image Servicing and Management (DISM) command-line tool to install the Windows Sense Client from an elevated command prompt. See the command below.

DISM /online /Add-Capability /CapabilityName:Microsoft.Windows.Sense.Client~~~~

To learn more, see WindowsAdvancedThreatProtection CSP.

Windows support resources

Home and Pro: If you need support with your personal or family account, use the Get Help app.

Enterprise and Pro: Request help for your organization through Support for business.

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.