Defender for Business onboarding endpoint

Error ID 15 in Microsoft Defender for Endpoint typically indicates a problem with device onboarding. Given that you've already followed the steps in the referenced Microsoft support page without success, here are some additional troubleshooting steps and considerations to help resolve the issue:

Check Licensing and Requirements

Ensure Correct Licensing: Verify that you have a valid license for Microsoft Defender for Endpoint for the device you're trying to onboard. Ensure that the license includes the Endpoint security features you need.

Verify Operating System Compatibility: Ensure that the device's operating system is compatible with Microsoft Defender for Endpoint. You mentioned using Windows 10 SL, which is a simplified version of Windows 10 often seen in countries with specific requirements. Ensure it meets all system requirements for Defender for Endpoint.

General Troubleshooting

Restart the Device: Sometimes, a simple reboot can resolve onboarding issues.

Check Internet Connection: Ensure that the device has a stable internet connection and can reach Microsoft servers.

Reset Device: If the issue persists, you can try resetting the device's Microsoft Defender for Endpoint configuration:

Open PowerShell with administrative privileges.

Run sc config sense start=disabled.

Reboot the system.

Run sc config sense start=demand.

Reboot the system and try onboarding again.

Update Windows and Defender Components

Ensure Windows is Updated: Check for Windows updates and ensure the device has the latest security patches and updates installed.

Update Defender Components: Open Windows Security and check for updates. If necessary, update the Microsoft Defender antivirus and related components.

Review Logs and Event Viewer

Review Microsoft Defender Logs: Check for additional error information in the Microsoft Defender logs. Look for clues or error messages that might point to the cause of the problem.

Use Event Viewer: Open Event Viewer (search for "Event Viewer" in the Start menu) and review the Windows Logs for any related errors or warnings around the time of the onboarding attempt.

Check Group Policies and Registry Settings

Verify Group Policies: Ensure no group policies are interfering with Microsoft Defender for Endpoint onboarding.

Inspect Registry Settings: Sometimes, incorrect registry settings can cause onboarding errors. Be cautious when editing the registry, as incorrect changes can cause system instability.

@Maguino Oliveira - Safety Computer Thank you for reaching out to us, As I understand while onboarding the device (manually) , the error occurs: Error ID: 15, Error Level: 1.

A potential reason for this is if the start value is set to 4, This can be identified via the log Wdatpinfo.txt - https://video2.skills-academy.com/en-us/defender-endpoint/download-client-analyzer?view=o365-worldwide

Would recommend to restart the affected machine in Safe mode, navigate to following registry HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\sense and set the start value to 2 and restart the machine and try to onboard again.

Let me know if you have any further questions, feel free to post back.

Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.