Adding Windows Defender ATP Tracking to Your Devices

Before you begin

You must have SOTI MobiControl Package Studio installed.

About this task

Note: Windows Defender Advanced Threat Protection (ATP) is only available on Windows desktop devices running Windows 10 Enterprise, Education, Pro, or Pro Education editions. Learn more at Windows Defender ATP.

To configure Windows Defender ATP for your devices:

Procedure

Within the Windows Defender ATP Portal
  1. Select the Endpoint Management tab from the left-hand panel.
  2. Choose Local Script from the Select your deployment tool: drop-down list.
  3. Click the Download package button to download an Onboarding script zip file. The zip file will be named WindowsDefenderATPOnboardingPackage.zip.
  4. Unzip the zip file and open the onboarding script file in a text editor and remove pause from the following section:

    :CLEANUP

    if exist %TMP%\senseTmp.txt del %TMP%\senseTmp.txt

    pause

    If you do not complete this step, the cmd.exe will continue to run in the background and never be addressed.

  5. Open a new document in your text editor and copy and paste in the following command: c:\temp\WindowsDefenderATPOnboardingScript.cmd > c:\temp\onboard_log.txt into the document.
  6. Save this file as Onboard_log.cmd.
    This file creates logs for any commands run on the command prompt.
  7. Open a new document in your text editor and copy and paste the following command: shellexecute c:\temp\onboard_log.cmd -open into the new document.
  8. Save this file as Post_install.cmd.
    This file installs the package once it has been deployed to the devices.
Perform these steps within the SOTI MobiControl Package Studio:
  1. Under the File menu, select Create New Package Project.
  2. Enter a name for the package and make sure Platform is set to All.
  3. Fill in the remaining fields and click Next.
    See Using Package Studio for more information on the other fields.
  4. On the Add Scripts screen, select Post-Install as the type of script and browse to the location of the Post_install.cmd file. Click Next.
  5. Click the Add button to add your onboarding script to the package and click Next.
  6. On the File Attributes screen, set the Destination on Device to the same path specified in your Post_install.cmd and Onboard_log.cmd files: C:\temp\
  7. Deselect Automatically Run Activity after Install.
    This is redundant in this case as the Post_install.cmd file accomplishes the same task.
  8. Click the Add button again to upload the Onboard_log.cmd file and repeat the steps.
  9. When you have finished adding both files to the package, click Next and then Finish.
  10. Click Build Package Now and review the output dialog to see where the .pcg file is located.
Perform these steps within the SOTI MobiControl console:
  1. On the Windows Modern tab, go to the Packages tab.
  2. Click the Add button and browse to the location of the .pcg you just created to upload it to SOTI MobiControl. When successful, you should see a new package listed on the screen.
    See Adding Packages to SOTI MobiControl for more information.
  3. While still on the Windows Modern tab, switch to the Profiles tab.
  4. Click the Add button to open the Add Profile dialog box. Enter a name for your profile and select Windows Desktop from the Type drop-down list.
  5. Switch to the Packages tab within the dialog box and click Add to open the Add Package dialog box.
  6. Select your Windows Defender ATP scripts package from the list of packages and click Add.
  7. Click Save and Assign to deploy this script to your devices.

Results

Your devices are now ready to be tracked with Windows Defender ATP.