Error setting up Identities in Defender

When setting up Defender, you may encounter an error message like the one below. This is an older problem, but it will still crop up if you are setting up Defender for the first time in a tenant that has existed for a long time.

Error message when setting up Identities in Defender

To resolve this error, you need to remove three security groups from Azure AD. These groups were created by default in your tenant but have since been deprecated by Defender.

To use Defender for Identity you need to delete these groups first

Locate the groups shown above, as Azure ATP (your tenant name) Administrators, Users and Viewers. Delete all three groups.

Once you’ve done that, refresh the page at and you should see it populate as in the figure below.

Defender for Identity settings

You are now ready to begin configuring the settings for Defender for Identity.

See more posts about Defender

All we do is support IT professionals. Microsoft 365 technical assistance, occasional Newsletter, Security community, MSP Legislation community, Intune, Defender and Lighthouse community, Peer groups, Papers, Business consulting and more. and for the community groups listed above.

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.