JimmyWork (Iron Contributor)
Mar 20, 2023
Tamper Protection Not turning on on newly deployed devices
I have no issue with devices deployed before.
Now new devices with Windows 11 22H2 Build 22621.525 are having this issue.
Tamper Protection is enabled in Defender 365 Portal for all Endpoints.
Intune configuration policy: Windows Security Experience.
TamperProtection (Device) On
Fails with error type 2
Error code 65000.
Checking Event logs.
MDM ConfigurationManager: Command failure status. Configuration Source ID: (C127515F-5427-49C7-B6AE-4275FB1AE464), Enrollment Name: (MDMDeviceWithAAD), Provider Name: (Defender), Command Type: (Add: from Replace or Add), CSP URI: (./Vendor/MSFT/Defender/Configuration/TamperProtection), Result: (The system cannot find the file specified.).
I only have this issue on newly deployed devices.
2 Replies
- Pathfinder (Copper Contributor)
If you have the policy "Microsoft Defender Antivirus" configured, specifically the "Allow User UI Access" configuration, and it is set to disable access, this can cause conflicts with the "Windows Security Experience" policy settings. Best to leave it not configured.
Users typically do not need access to Windows Security Centre, so it's best practice to enable tamper protection but then remove all UI components manually using the settings within the Windows Security Experience policy. If done correctly it will implement like the following:
- tomhar (Copper Contributor)
Did you ever get this resolved? I have the same issue.
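
An added example, not part of the thread and not Microsoft's own tooling: a PowerShell snippet for collecting on-device evidence for the failure reported in the original post, namely the MDM command failures that name the TamperProtection CSP URI, the tamper protection state Defender reports, and the UI lockdown preference related to the first reply. It assumes an elevated session on an affected device and that the events are in the DeviceManagement-Enterprise-Diagnostics-Provider Admin log; the variable names are illustrative.

```powershell
# Added example (not from the thread). Run in an elevated PowerShell session on the device.
$logName = 'Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin'
$cspUri  = './Vendor/MSFT/Defender/Configuration/TamperProtection'  # URI quoted in the post

# 1. MDM command failures that name the TamperProtection node.
#    The message is a run of "Name: (value)" pairs, so split it into fields.
$pairs = [regex]'([A-Za-z ]+): \((.*?)\)(?=[,.]|$)'
$failures = Get-WinEvent -LogName $logName -MaxEvents 5000 -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -and $_.Message.Contains($cspUri) } |
    ForEach-Object {
        $f = @{}
        foreach ($m in $pairs.Matches($_.Message)) {
            $f[$m.Groups[1].Value.Trim()] = $m.Groups[2].Value
        }
        [pscustomobject]@{
            TimeCreated = $_.TimeCreated
            EventId     = $_.Id
            Provider    = $f['Provider Name']
            CommandType = $f['Command Type']
            Result      = $f['Result']
        }
    }

# 2. What Defender itself reports, independent of the Intune policy status.
#    TamperProtectionSource is empty on platform versions that do not expose it.
$status = Get-MpComputerStatus |
    Select-Object IsTamperProtected, TamperProtectionSource, AMRunningMode, AMProductVersion

# 3. Local preference behind a disabled "Allow User UI Access" setting
#    (assumption: the policy named in the first reply surfaces here as UILockdown).
$uiLockdown = (Get-MpPreference).UILockdown

$failures | Sort-Object TimeCreated -Descending | Select-Object -First 10 |
    Format-Table -AutoSize -Wrap
$status | Format-List
"UILockdown: $uiLockdown"
```

Running it on one device deployed earlier and one newly deployed device gives a side-by-side view of the platform version and tamper protection source on each.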