When setting up Defender, you may encounter an error message like the one below. This is an older problem, but it will still crop up if you are setting up Defender for the first time in a tenant that has existed for a long time.
To resolve this error, you need to remove three security groups from Azure AD. These groups were created by default in your tenant but have since been deprecated by Defender.
Locate the groups shown above, as Azure ATP (your tenant name) Administrators, Users and Viewers. Delete all three groups.
Once you’ve done that, refresh the page at https://security.microsoft.com/settings/identities and you should see it populate as in the figure below.
You are now ready to begin configuring the settings for Defender for Identity.
See more posts about Defender
All we do is support IT professionals. Microsoft 365 technical assistance, occasional Newsletter, Security community, MSP Legislation community, Intune, Defender and Lighthouse community, Peer groups, Papers, Business consulting and more. https://www.thirdtier.net and https://www.facebook.com/thirdtier for the community groups listed above.
