Let’s say that you have kicked off the Microsoft Defender for Business setup wizard as shown above. For the purposes of this article I’ll also assume that this is part of a Microsoft 365 Business Premium tenant.
Let’s assume that you have now completed that process, which you can read about here:
Use the setup wizard in Microsoft Defender for Business
After the wizard has completed I suggest you head to the Settings options in https://security.microsoft.com and then select Endpoints and finally, select Advanced features, where you should see the above screen full of options on the right.
At this point I’d suggest you go and enable all the options listed. Now, not all of them will be relevant but I’d still recommend they be turned on none the less. Do it once and you won’t need to come back is my philosophy.
Leave that location open as we’ll be coming back here.
Next, head over to your Microsoft Endpoint Manager and select Endpoint security on the left, then Microsoft Defender for Endpoint, which should result in the above screen.
Here you want to ensure the Connection status is Enabled (i.e. green check mark) as shown.
If it isn’t for some reason, then head back to https://security.microsoft.com, Settings, Endpoint, Advanced features.
Scroll through the list of items until you find the Microsoft Intune connection as shown above. Ensure that it is turned On. If it isn’t, turn it On, wait at least 15 minutes and check back in Endpoint Manager for the Connection status to be Enabled (i.e. you see the green check mark). If it is already On and the green check mark doesn’t appear, turn the setting Off for at least 15 minutes and then turn it back On. You know, kinda reboot it. The connection status should go green after that in my experience.
When the Connection status is Enabled go and turn all the options on the page to On as shown above.
Return to https://security.microsoft.com and select the Onboarding option as shown above.
My recommendation is that you manually onboard the first Windows 10 device in your environment using a local script. That will ensure everything is working quickly and easily.
Simply download the script provided and run it on one of the Endpoint Manager enrolled devices in your environment.
Once the script has run successfully return to the console and select Device inventory from the menu on the left as shown. Within 15 minutes or so, you should see the machine that you ran the script on appear here.
Congratulations, you have successfully onboarded your first device to Defender for Business in your tenant. You are now free to continue to configure additional devices using the policies provided. I always like to do the very first device in the environment manually so I know everything is working as expected. If I then get issues, I know to troubleshoot my deployment policies.
CIAOPS 
One thought on “Microsoft Defender for Business post setup wizard recommendations”