Intune – You can now use the Intune/Endpoint Configuration Manager portal to manage ATP onboarding and policy for SCCM clients

As you now, System Center Configuration Manager (SCCM) and Intune/Endpoint Configuration Manager are getting closer with each other and more integrated.

The latest improvement is about Windows Defender Advanced Threat Protection (ATP) onboarding process.

You already knew you were able to manage Windows Defender ATP onboarding from both side – either System Center Configuration Manager or Intune/Endpoint Configuration Manager.

Well, now you can ‘merge’ both world as you can now create and manage onboarding policies for Windows Defender ATP for SCCM clients directly from the Intune/Endpoint Configuration Manager portal.

You must of course first have an active Windows Defender ATP tenant.

Connect to your Endpoint Configuration Manager portal (either – remember this URL is going to be replaced – or and access the Endpoint Security blade


Then access the Endpoint detection and response to create a new policy


When creating the policy you have to choose the Windows 10 and Windows Server platform, then you will be able to select the Endpoint detection and response (ConfigMgr) profile

image_thumb[2]  image_thumb[3]

Finally during the Assignments step you will be able to the SCCM devices collection you want to get the policy deployed to.