Issue/Question
- How do I install and onboard MDE on macOS?
Environment
- Oregon State University
- OSU owned machine
- macOS version must be 10.14.6 (Mojave) or newer --> Mojave, Catalina, Big Sur, or Monterey
Notes
This process involves running a script in Terminal and will need an admin user.
MDE installation and onboarding files are available via https://oregonstate.box.com/s/8pflo4r2fldejzwrnivmug18brtljbtv (OSU Login Required)
Approximate time to plan for this: the first time might take up to 15 minutes, but full time to process - including downloads/installs - is closer to 5 minutes (assuming decent network connection).
Resolution
Install Microsoft Defender for Endpoint
- Install wdav.pkg from the Box link (follow all the prompts).
- You will need to open Security Preferences.
- You will need to open System Preferences > Security & Privacy. Select Details and choose both options listed.
- You will need to allow full disk access to Microsoft Defender ATP and Microsoft Defender ATP Endpoint Security Extension via System Preferences > Security & Privacy > Privacy
- Drag the ‘MicrosoftDefenderATPOnboardingMacOs.sh’ script from the Downloads folder to whatever location you want to run it from.
- Open Terminal.
- Run the onboarding script.
- You can run the script by hand with the full path (e.g. /Users/MyUser/Downloads/MicrosoftDefenderATPOnboardingMacOs.sh), by changing directory with CD first, or simply drag the onboarding script from Downloads directly on top of Terminal and press enter.
- Follow all prompts. All tests/steps should return [OK].
- You should see the MDE icon in the upper right of the menu bar now has a checkmark on it, instead of an X.
Once it’s set up, you can test how it’s working by running this in Terminal: mdatp connectivity test