Guide: Deploy Microsoft Defender using Atera.

lauri.kinnunen Member Posts: 20 ✭✭✭
edited November 29 in Scripts

Hi,

We have a customer that has neither Configuration Manager nor Intune.
I was tasked to deploy Microsoft Defender to all customer machines, ~20 (including 1 server).
Microsoft states that this method is not suitable for deployments of over 10 or more devices; I had no issues.


After applying Defender P1 licenses to the M365 tenant, I was able to download the installation CMD.

I needed to edit the WindowsDefenderATPLocalOnboardingScript.CMD to make it work. Here are the edits required to make the script run smoothly.

1. Remove the user consent and pause from the script

Open the CMD file using any text editor.
Remove rows 8 - 19:
:USER_CONSENT
set /p shouldContinue= "Press (Y) to confirm and continue or (N) to cancel and exit: "
IF /I "%shouldContinue%"=="N" (
GOTO CLEANUP
)
IF /I "%shouldContinue%"=="Y" (
GOTO SCRIPT_START
)
echo.
echo Wrong input. Please try again.
GOTO USER_CONSENT
echo.
Remove row 185:
pause

2. Upload the modified script to the desired location (I used Azure Blob Storage)

3. Create a script to download and run this script on the machines. Here is an example:
# Timestamp for the log file name (HH = 24-hour clock, so AM/PM runs do not collide)
$date = Get-Date -Format yyyyMMdd_HHmmss
$path = "C:\temp"
# Join-Path supplies the "\" that was missing between the folder and the file name
$FullPath = Join-Path $path ("Scheduler_log_" + $date + ".txt")
if (!(Test-Path $path)) {
    Write-Host "Create folder $path"
    mkdir $path | Out-Null
} else { Write-Host "Folder exists" }
Start-Transcript -Path $FullPath
$DownloadUri = {[DownladURL]}

Write-Host "Download Deployment for Defender For Endpoint"
Invoke-WebRequest -Uri $DownloadUri -OutFile "$path\WindowsDefenderATPLocalOnboardingScript.cmd"
Write-Host "Deploy Defender for Endpoint"
cmd /c "$path\WindowsDefenderATPLocalOnboardingScript.cmd"

Stop-Transcript

I hope this is useful!
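
A variant of the download-and-run script in step 3 with an integrity check, as an added example that is not part of the original post: it refuses a non-HTTPS URL, runs the downloaded CMD only when its SHA-256 matches the hash of the edited script you uploaded, and deletes the local copy afterwards. The URL, the hash value and the `Test-FileSha256` helper are placeholders or hypothetical names.

```powershell
# Added example (not the original poster's code). Values marked "placeholder" are assumptions.
$DownloadUri    = 'https://example.invalid/WindowsDefenderATPLocalOnboardingScript.cmd'  # placeholder URL
$ExpectedSha256 = '<SHA256-of-your-edited-script>'  # placeholder: (Get-FileHash <file> -Algorithm SHA256).Hash
$WorkDir        = 'C:\temp'                         # same folder as the script in the post
$ScriptPath     = Join-Path $WorkDir 'WindowsDefenderATPLocalOnboardingScript.cmd'

# Hypothetical helper: returns $true only when the file's SHA-256 equals the pinned value.
function Test-FileSha256 {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $Expected
    )
    $actual = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    return $actual -eq $Expected.Trim()   # string -eq is case-insensitive in PowerShell
}

$ErrorActionPreference = 'Stop'

# The file will be executed on every endpoint, so insist on an encrypted transport.
if ($DownloadUri -notmatch '^https://') { throw 'Refusing non-HTTPS download URL.' }
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

New-Item -ItemType Directory -Path $WorkDir -Force | Out-Null
try {
    Invoke-WebRequest -Uri $DownloadUri -OutFile $ScriptPath -UseBasicParsing

    # Stop here if the stored file was replaced or altered after you uploaded it.
    if (-not (Test-FileSha256 -Path $ScriptPath -Expected $ExpectedSha256)) {
        throw "Hash mismatch for $ScriptPath; not executing."
    }

    & cmd.exe /c $ScriptPath
    if ($LASTEXITCODE -ne 0) { throw "Onboarding script exited with code $LASTEXITCODE." }
    Write-Host 'Onboarding script completed.'
}
finally {
    # The onboarding script carries tenant-specific onboarding data; do not leave it on disk.
    Remove-Item -LiteralPath $ScriptPath -Force -ErrorAction SilentlyContinue
}
```

Compute the pinned hash on the machine where you edited the CMD file, before uploading it, and update it whenever you download a fresh onboarding package.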

Comments

  • gilgi
    gilgi Administrator, Moderator, Internal Posts: 313 admin

    Thanks Lauri!
    I think that it should also be available with the upcoming WinGet installer, but this is solid help!