Updated to include System Extensions required for macOS 11 (#149)

MDATP/MacOS_MDATP_Deployment_Add.ps1

@@ -417,7 +417,7 @@ $OnboardingXML = [System.Convert]::ToBase64String($OnboardingXMLFile)
 $MDATP_Onboarding  = @"
 {
     "@odata.type":  "#microsoft.graph.macOSCustomConfiguration",
-    "description":  "",
+    "description":  "Onboarding data required for Defender ATP on macOS",
     "displayName":  "macOS MDATP Onboarding",
     "payloadName":  "MDATP Onboarding",
     "payloadFileName":  "WindowsDefenderATPOnboarding.xml",
@@ -431,7 +431,7 @@ $MDATP_FullDiskAccess  = @"
 {
 
     "@odata.type":  "#microsoft.graph.macOSCustomConfiguration",
-    "description":  "",
+    "description":  "Grants Full Disk Access permission to Defender ATP on macOS",
     "displayName":  "macOS MDATP Full Disk Access",
     "payloadName":  "macOS MDATP Full Disk Access",
     "payloadFileName":  "FullDiskAccess.xml",
@@ -445,7 +445,7 @@ $MDATP_FullDiskAccess  = @"
 $MDATP_Kext  = @"
 {
     "@odata.type":  "#microsoft.graph.macOSCustomConfiguration",
-    "description":  "",
+    "description":  "Legacy kernel extension permission for Catalina and older for Defender ATP",
     "displayName":  "macOS MDATP Kernel Extension",
     "payloadName":  "macOS MDATP Kernel Extension",
     "payloadFileName":  "kext.xml",
@@ -482,7 +482,7 @@ $MDATP_Notifications = @"
 
 {
     "@odata.type":  "#microsoft.graph.macOSCustomConfiguration",
-    "description":  "",
+    "description":  "Grants Defender ATP ability to show emergency notifications to end user",
     "displayName":  "macOS MDATP Notifications",
     "payloadName":  "macOS MDATP Notifications",
     "payloadFileName":  "MDATP.notifications.xml",
@@ -493,6 +493,21 @@ $MDATP_Notifications = @"
 
 ####################################################
 
+$MDATP_sysext = @"
+
+{
+    "@odata.type":  "#microsoft.graph.macOSCustomConfiguration",
+     "description":  "Approves required system extension for Defender AT on macOS, for Big Sur and newer",
+    "displayName":  "macOS MDATP System Extension",
+    "payloadName":  "MDATP macOS System Extension",
+    "payloadFileName":  "system extension.xml",
+    "payload":  "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48IURPQ1RZUEUgcGxpc3QgUFVCTElDICItLy9BcHBsZS8vRFREIFBMSVNUIDEuMC8vRU4iICJodHRwOi8vd3d3LmFwcGxlLmNvbS9EVERzL1Byb3BlcnR5TGlzdC0xLjAuZHRkIj4KPHBsaXN0IHZlcnNpb249IjEiPgogICAgPGRpY3Q+CiAgICAgICAgPGtleT5QYXlsb2FkVVVJRDwva2V5PgogICAgICAgIDxzdHJpbmc+N0U1M0FDNTAtQjg4RC00MTMyLTk5QjYtMjlGNzk3NEVBQTNDPC9zdHJpbmc+CiAgICAgICAgPGtleT5QYXlsb2FkVHlwZTwva2V5PgogICAgICAgIDxzdHJpbmc+Q29uZmlndXJhdGlvbjwvc3RyaW5nPgogICAgICAgIDxrZXk+UGF5bG9hZE9yZ2FuaXphdGlvbjwva2V5PgogICAgICAgIDxzdHJpbmc+TWljcm9zb2Z0IENvcnBvcmF0aW9uPC9zdHJpbmc+CiAgICAgICAgPGtleT5QYXlsb2FkSWRlbnRpZmllcjwva2V5PgogICAgICAgIDxzdHJpbmc+N0U1M0FDNTAtQjg4RC00MTMyLTk5QjYtMjlGNzk3NEVBQTNDPC9zdHJpbmc+CiAgICAgICAgPGtleT5QYXlsb2FkRGlzcGxheU5hbWU8L2tleT4KICAgICAgICA8c3RyaW5nPk1pY3Jvc29mdCBEZWZlbmRlciBBVFAgU3lzdGVtIEV4dGVuc2lvbnM8L3N0cmluZz4KICAgICAgICA8a2V5PlBheWxvYWREZXNjcmlwdGlvbjwva2V5PgogICAgICAgIDxzdHJpbmcvPgogICAgICAgIDxrZXk+UGF5bG9hZFZlcnNpb248L2tleT4KICAgICAgICA8aW50ZWdlcj4xPC9pbnRlZ2VyPgogICAgICAgIDxrZXk+UGF5bG9hZEVuYWJsZWQ8L2tleT4KICAgICAgICA8dHJ1ZS8+CiAgICAgICAgPGtleT5QYXlsb2FkUmVtb3ZhbERpc2FsbG93ZWQ8L2tleT4KICAgICAgICA8dHJ1ZS8+CiAgICAgICAgPGtleT5QYXlsb2FkU2NvcGU8L2tleT4KICAgICAgICA8c3RyaW5nPlN5c3RlbTwvc3RyaW5nPgogICAgICAgIDxrZXk+UGF5bG9hZENvbnRlbnQ8L2tleT4KICAgICAgICA8YXJyYXk+CiAgICAgICAgICAgIDxkaWN0PgogICAgICAgICAgICAgICAgPGtleT5QYXlsb2FkVVVJRDwva2V5PgogICAgICAgICAgICAgICAgPHN0cmluZz4yQkEwNzBEOS0yMjMzLTQ4MjctQUZDMS0xRjQ0QzhDOEU1Mjc8L3N0cmluZz4KICAgICAgICAgICAgICAgIDxrZXk+UGF5bG9hZFR5cGU8L2tleT4KICAgICAgICAgICAgICAgIDxzdHJpbmc+Y29tLmFwcGxlLndlYmNvbnRlbnQtZmlsdGVyPC9zdHJpbmc+CiAgICAgICAgICAgICAgICA8a2V5PlBheWxvYWRPcmdhbml6YXRpb248L2tleT4KICAgICAgICAgICAgICAgIDxzdHJpbmc+TWljcm9zb2Z0IENvcnBvcmF0aW9uPC9zdHJpbmc+CiAgICAgICAgICAgICAgICA8a2V5PlBheWxvYWRJZGVudGlmaWVyPC9rZXk+CiAgICAgICAgICAgICAgICA8c3RyaW5nPkNFQkY3QTcxLUQ5QTEtNDhCRC04Q0NGLUJEOUQxOEVDMTU1QTwvc3RyaW5nPgogICAgICAgICAgICAgICAgPGtleT5QYXlsb2FkRGlzcGxheU5hbWU8L2tleT4KICAgICAgICAgICAgICAgIDxzdHJpbmc+QXBwcm92ZWQgTmV0d29yayBFeHRlbnNpb248L3N0cmluZz4KICAgICAgICAgICAgICAgIDxrZXk+UGF5bG9hZERlc2NyaXB0aW9uPC9rZXk+CiAgICAgICAgICAgICAgICA8c3RyaW5nLz4KICAgICAgICAgICAgICAgIDxrZXk+UGF5bG9hZFZlcnNpb248L2tleT4KICAgICAgICAgICAgICAgIDxpbnRlZ2VyPjE8L2ludGVnZXI+CiAgICAgICAgICAgICAgICA8a2V5PlBheWxvYWRFbmFibGVkPC9rZXk+CiAgICAgICAgICAgICAgICA8dHJ1ZS8+CiAgICAgICAgICAgICAgICA8a2V5PkZpbHRlclR5cGU8L2tleT4KICAgICAgICAgICAgICAgIDxzdHJpbmc+UGx1Z2luPC9zdHJpbmc+CiAgICAgICAgICAgICAgICA8a2V5PlVzZXJEZWZpbmVkTmFtZTwva2V5PgogICAgICAgICAgICAgICAgPHN0cmluZz5NaWNyb3NvZnQgRGVmZW5kZXIgQVRQIE5ldHdvcmsgRXh0ZW5zaW9uPC9zdHJpbmc+CiAgICAgICAgICAgICAgICA8a2V5PlBsdWdpbkJ1bmRsZUlEPC9rZXk+CiAgICAgICAgICAgICAgICA8c3RyaW5nPmNvbS5taWNyb3NvZnQud2Rhdjwvc3RyaW5nPgogICAgICAgICAgICAgICAgPGtleT5GaWx0ZXJTb2NrZXRzPC9rZXk+CiAgICAgICAgICAgICAgICA8dHJ1ZS8+CiAgICAgICAgICAgICAgICA8a2V5PkZpbHRlckRhdGFQcm92aWRlckJ1bmRsZUlkZW50aWZpZXI8L2tleT4KICAgICAgICAgICAgICAgIDxzdHJpbmc+Y29tLm1pY3Jvc29mdC53ZGF2Lm5ldGV4dDwvc3RyaW5nPgogICAgICAgICAgICAgICAgPGtleT5GaWx0ZXJEYXRhUHJvdmlkZXJEZXNpZ25hdGVkUmVxdWlyZW1lbnQ8L2tleT4KICAgICAgICAgICAgICAgIDxzdHJpbmc+aWRlbnRpZmllciAmcXVvdDtjb20ubWljcm9zb2Z0LndkYXYubmV0ZXh0JnF1b3Q7IGFuZCBhbmNob3IgYXBwbGUgZ2VuZXJpYyBhbmQgY2VydGlmaWNhdGUgMVtmaWVsZC4xLjIuODQwLjExMzYzNS4xMDAuNi4yLjZdIC8qIGV4aXN0cyAqLyBhbmQgY2VydGlmaWNhdGUgbGVhZltmaWVsZC4xLjIuODQwLjExMzYzNS4xMDAuNi4xLjEzXSAvKiBleGlzdHMgKi8gYW5kIGNlcnRpZmljYXRlIGxlYWZbc3ViamVjdC5PVV0gPSBVQkY4VDM0Nkc5PC9zdHJpbmc+CiAgICAgICAgICAgIDwvZGljdD4KICAgICAgICAgICAgPGRpY3Q+CiAgICAgICAgICAgICAgICA8a2V5PlBheWxvYWRVVUlEPC9rZXk+CiAgICAgICAgICAgICAgICA8c3RyaW5nPjU2MTA1RTg5LUM3QzgtNEE5NS1BRUU2LUUxMUI4QkVBMDM2Njwvc3RyaW5nPgogICAgICAgICAgICAgICAgPGtleT5QYXlsb2FkVHlwZTwva2V5PgogICAgICAgICAgICAgICAgPHN0cmluZz5jb20uYXBwbGUuVENDLmNvbmZpZ3VyYXRpb24tcHJvZmlsZS1wb2xpY3k8L3N0cmluZz4KICAgICAgICAgICAgICAgIDxrZXk+UGF5bG9hZE9yZ2FuaXphdGlvbjwva2V5PgogICAgICAgICAgICAgICAgPHN0cmluZz5NaWNyb3NvZnQgQ29ycG9yYXRpb248L3N0cmluZz4KICAgICAgICAgICAgICAgIDxrZXk+UGF5bG9hZElkZW50aWZpZXI8L2tleT4KICAgICAgICAgICAgICAgIDxzdHJpbmc+NTYxMDVFODktQzdDOC00QTk1LUFFRTYtRTExQjhCRUEwMzY2PC9zdHJpbmc+CiAgICAgICAgICAgICAgICA8a2V5PlBheWxvYWREaXNwbGF5TmFtZTwva2V5PgogICAgICAgICAgICAgICAgPHN0cmluZz5Qcml2YWN5IFByZWZlcmVuY2VzIFBvbGljeSBDb250cm9sPC9zdHJpbmc+CiAgICAgICAgICAgICAgICA8a2V5PlBheWxvYWREZXNjcmlwdGlvbjwva2V5PgogICAgICAgICAgICAgICAgPHN0cmluZy8+CiAgICAgICAgICAgICAgICA8a2V5PlBheWxvYWRWZXJzaW9uPC9rZXk+CiAgICAgICAgICAgICAgICA8aW50ZWdlcj4xPC9pbnRlZ2VyPgogICAgICAgICAgICAgICAgPGtleT5QYXlsb2FkRW5hYmxlZDwva2V5PgogICAgICAgICAgICAgICAgPHRydWUvPgogICAgICAgICAgICAgICAgPGtleT5TZXJ2aWNlczwva2V5PgogICAgICAgICAgICAgICAgPGRpY3Q+CiAgICAgICAgICAgICAgICAgICAgPGtleT5TeXN0ZW1Qb2xpY3lBbGxGaWxlczwva2V5PgogICAgICAgICAgICAgICAgICAgIDxhcnJheT4KICAgICAgICAgICAgICAgICAgICAgICAgPGRpY3Q+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8a2V5PklkZW50aWZpZXI8L2tleT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxzdHJpbmc+Y29tLm1pY3Jvc29mdC53ZGF2LmVwc2V4dDwvc3RyaW5nPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPGtleT5Db2RlUmVxdWlyZW1lbnQ8L2tleT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxzdHJpbmc+aWRlbnRpZmllciAiY29tLm1pY3Jvc29mdC53ZGF2LmVwc2V4dCIgYW5kIGFuY2hvciBhcHBsZSBnZW5lcmljIGFuZCBjZXJ0aWZpY2F0ZSAxW2ZpZWxkLjEuMi44NDAuMTEzNjM1LjEwMC42LjIuNl0gLyogZXhpc3RzICovIGFuZCBjZXJ0aWZpY2F0ZSBsZWFmW2ZpZWxkLjEuMi44NDAuMTEzNjM1LjEwMC42LjEuMTNdIC8qIGV4aXN0cyAqLyBhbmQgY2VydGlmaWNhdGUgbGVhZltzdWJqZWN0Lk9VXSA9IFVCRjhUMzQ2Rzk8L3N0cmluZz4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxrZXk+SWRlbnRpZmllclR5cGU8L2tleT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxzdHJpbmc+YnVuZGxlSUQ8L3N0cmluZz4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxrZXk+U3RhdGljQ29kZTwva2V5PgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPGludGVnZXI+MDwvaW50ZWdlcj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxrZXk+QWxsb3dlZDwva2V5PgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPGludGVnZXI+MTwvaW50ZWdlcj4KICAgICAgICAgICAgICAgICAgICAgICAgPC9kaWN0PgogICAgICAgICAgICAgICAgICAgIDwvYXJyYXk+CiAgICAgICAgICAgICAgICA8L2RpY3Q+CiAgICAgICAgICAgIDwvZGljdD4KICAgICAgICA8L2FycmF5PgogICAgPC9kaWN0Pgo8L3BsaXN0Pgo="
+}
+
+"@
+
+####################################################
+
 write-host
 
 write-host "Publishing" ($MDATP | ConvertFrom-Json).displayName -ForegroundColor Yellow
@@ -541,4 +556,14 @@ $CreateResult_Onboarding = Add-DeviceConfigurationPolicy -JSON $MDATP_Onboarding
 
 Write-Host " + Device MDATP OnBoarding Policy created as" $CreateResult_Onboarding.id
 
+Write-Host
+
+####################################################
+
+Write-Host "Adding MDATP System Extension Policy from XML..." -ForegroundColor Yellow
+
+$CreateResult_sysext = Add-DeviceConfigurationPolicy -JSON $MDATP_sysext
+
+Write-Host " + Device MDATP System Extension Policy created as" $CreateResult_sysext.id
+
 Write-Host

MDATP/MacOS_MDATP_Deployment_Add_Assign.ps1

@@ -761,6 +761,22 @@ $MDATP_Notifications = @"
 
 ####################################################
 
+
+$MDATP_sysext = @"
+
+{
+    "@odata.type":  "#microsoft.graph.macOSCustomConfiguration",
+     "description":  "Approves required system extension for Defender AT on macOS, for Big Sur and newer",
+    "displayName":  "macOS MDATP System Extension",
+    "payloadName":  "MDATP macOS System Extension",
+    "payloadFileName":  "system extension.xml",
+    "payload":  "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48IURPQ1RZUEUgcGxpc3QgUFVCTElDICItLy9BcHBsZS8vRFREIFBMSVNUIDEuMC8vRU4iICJodHRwOi8vd3d3LmFwcGxlLmNvbS9EVERzL1Byb3BlcnR5TGlzdC0xLjAuZHRkIj4KPHBsaXN0IHZlcnNpb249IjEiPgogICAgPGRpY3Q+CiAgICAgICAgPGtleT5QYXlsb2FkVVVJRDwva2V5PgogICAgICAgIDxzdHJpbmc+N0U1M0FDNTAtQjg4RC00MTMyLTk5QjYtMjlGNzk3NEVBQTNDPC9zdHJpbmc+CiAgICAgICAgPGtleT5QYXlsb2FkVHlwZTwva2V5PgogICAgICAgIDxzdHJpbmc+Q29uZmlndXJhdGlvbjwvc3RyaW5nPgogICAgICAgIDxrZXk+UGF5bG9hZE9yZ2FuaXphdGlvbjwva2V5PgogICAgICAgIDxzdHJpbmc+TWljcm9zb2Z0IENvcnBvcmF0aW9uPC9zdHJpbmc+CiAgICAgICAgPGtleT5QYXlsb2FkSWRlbnRpZmllcjwva2V5PgogICAgICAgIDxzdHJpbmc+N0U1M0FDNTAtQjg4RC00MTMyLTk5QjYtMjlGNzk3NEVBQTNDPC9zdHJpbmc+CiAgICAgICAgPGtleT5QYXlsb2FkRGlzcGxheU5hbWU8L2tleT4KICAgICAgICA8c3RyaW5nPk1pY3Jvc29mdCBEZWZlbmRlciBBVFAgU3lzdGVtIEV4dGVuc2lvbnM8L3N0cmluZz4KICAgICAgICA8a2V5PlBheWxvYWREZXNjcmlwdGlvbjwva2V5PgogICAgICAgIDxzdHJpbmcvPgogICAgICAgIDxrZXk+UGF5bG9hZFZlcnNpb248L2tleT4KICAgICAgICA8aW50ZWdlcj4xPC9pbnRlZ2VyPgogICAgICAgIDxrZXk+UGF5bG9hZEVuYWJsZWQ8L2tleT4KICAgICAgICA8dHJ1ZS8+CiAgICAgICAgPGtleT5QYXlsb2FkUmVtb3ZhbERpc2FsbG93ZWQ8L2tleT4KICAgICAgICA8dHJ1ZS8+CiAgICAgICAgPGtleT5QYXlsb2FkU2NvcGU8L2tleT4KICAgICAgICA8c3RyaW5nPlN5c3RlbTwvc3RyaW5nPgogICAgICAgIDxrZXk+UGF5bG9hZENvbnRlbnQ8L2tleT4KICAgICAgICA8YXJyYXk+CiAgICAgICAgICAgIDxkaWN0PgogICAgICAgICAgICAgICAgPGtleT5QYXlsb2FkVVVJRDwva2V5PgogICAgICAgICAgICAgICAgPHN0cmluZz4yQkEwNzBEOS0yMjMzLTQ4MjctQUZDMS0xRjQ0QzhDOEU1Mjc8L3N0cmluZz4KICAgICAgICAgICAgICAgIDxrZXk+UGF5bG9hZFR5cGU8L2tleT4KICAgICAgICAgICAgICAgIDxzdHJpbmc+Y29tLmFwcGxlLndlYmNvbnRlbnQtZmlsdGVyPC9zdHJpbmc+CiAgICAgICAgICAgICAgICA8a2V5PlBheWxvYWRPcmdhbml6YXRpb248L2tleT4KICAgICAgICAgICAgICAgIDxzdHJpbmc+TWljcm9zb2Z0IENvcnBvcmF0aW9uPC9zdHJpbmc+CiAgICAgICAgICAgICAgICA8a2V5PlBheWxvYWRJZGVudGlmaWVyPC9rZXk+CiAgICAgICAgICAgICAgICA8c3RyaW5nPkNFQkY3QTcxLUQ5QTEtNDhCRC04Q0NGLUJEOUQxOEVDMTU1QTwvc3RyaW5nPgogICAgICAgICAgICAgICAgPGtleT5QYXlsb2FkRGlzcGxheU5hbWU8L2tleT4KICAgICAgICAgICAgICAgIDxzdHJpbmc+QXBwcm92ZWQgTmV0d29yayBFeHRlbnNpb248L3N0cmluZz4KICAgICAgICAgICAgICAgIDxrZXk+UGF5bG9hZERlc2NyaXB0aW9uPC9rZXk+CiAgICAgICAgICAgICAgICA8c3RyaW5nLz4KICAgICAgICAgICAgICAgIDxrZXk+UGF5bG9hZFZlcnNpb248L2tleT4KICAgICAgICAgICAgICAgIDxpbnRlZ2VyPjE8L2ludGVnZXI+CiAgICAgICAgICAgICAgICA8a2V5PlBheWxvYWRFbmFibGVkPC9rZXk+CiAgICAgICAgICAgICAgICA8dHJ1ZS8+CiAgICAgICAgICAgICAgICA8a2V5PkZpbHRlclR5cGU8L2tleT4KICAgICAgICAgICAgICAgIDxzdHJpbmc+UGx1Z2luPC9zdHJpbmc+CiAgICAgICAgICAgICAgICA8a2V5PlVzZXJEZWZpbmVkTmFtZTwva2V5PgogICAgICAgICAgICAgICAgPHN0cmluZz5NaWNyb3NvZnQgRGVmZW5kZXIgQVRQIE5ldHdvcmsgRXh0ZW5zaW9uPC9zdHJpbmc+CiAgICAgICAgICAgICAgICA8a2V5PlBsdWdpbkJ1bmRsZUlEPC9rZXk+CiAgICAgICAgICAgICAgICA8c3RyaW5nPmNvbS5taWNyb3NvZnQud2Rhdjwvc3RyaW5nPgogICAgICAgICAgICAgICAgPGtleT5GaWx0ZXJTb2NrZXRzPC9rZXk+CiAgICAgICAgICAgICAgICA8dHJ1ZS8+CiAgICAgICAgICAgICAgICA8a2V5PkZpbHRlckRhdGFQcm92aWRlckJ1bmRsZUlkZW50aWZpZXI8L2tleT4KICAgICAgICAgICAgICAgIDxzdHJpbmc+Y29tLm1pY3Jvc29mdC53ZGF2Lm5ldGV4dDwvc3RyaW5nPgogICAgICAgICAgICAgICAgPGtleT5GaWx0ZXJEYXRhUHJvdmlkZXJEZXNpZ25hdGVkUmVxdWlyZW1lbnQ8L2tleT4KICAgICAgICAgICAgICAgIDxzdHJpbmc+aWRlbnRpZmllciAmcXVvdDtjb20ubWljcm9zb2Z0LndkYXYubmV0ZXh0JnF1b3Q7IGFuZCBhbmNob3IgYXBwbGUgZ2VuZXJpYyBhbmQgY2VydGlmaWNhdGUgMVtmaWVsZC4xLjIuODQwLjExMzYzNS4xMDAuNi4yLjZdIC8qIGV4aXN0cyAqLyBhbmQgY2VydGlmaWNhdGUgbGVhZltmaWVsZC4xLjIuODQwLjExMzYzNS4xMDAuNi4xLjEzXSAvKiBleGlzdHMgKi8gYW5kIGNlcnRpZmljYXRlIGxlYWZbc3ViamVjdC5PVV0gPSBVQkY4VDM0Nkc5PC9zdHJpbmc+CiAgICAgICAgICAgIDwvZGljdD4KICAgICAgICAgICAgPGRpY3Q+CiAgICAgICAgICAgICAgICA8a2V5PlBheWxvYWRVVUlEPC9rZXk+CiAgICAgICAgICAgICAgICA8c3RyaW5nPjU2MTA1RTg5LUM3QzgtNEE5NS1BRUU2LUUxMUI4QkVBMDM2Njwvc3RyaW5nPgogICAgICAgICAgICAgICAgPGtleT5QYXlsb2FkVHlwZTwva2V5PgogICAgICAgICAgICAgICAgPHN0cmluZz5jb20uYXBwbGUuVENDLmNvbmZpZ3VyYXRpb24tcHJvZmlsZS1wb2xpY3k8L3N0cmluZz4KICAgICAgICAgICAgICAgIDxrZXk+UGF5bG9hZE9yZ2FuaXphdGlvbjwva2V5PgogICAgICAgICAgICAgICAgPHN0cmluZz5NaWNyb3NvZnQgQ29ycG9yYXRpb248L3N0cmluZz4KICAgICAgICAgICAgICAgIDxrZXk+UGF5bG9hZElkZW50aWZpZXI8L2tleT4KICAgICAgICAgICAgICAgIDxzdHJpbmc+NTYxMDVFODktQzdDOC00QTk1LUFFRTYtRTExQjhCRUEwMzY2PC9zdHJpbmc+CiAgICAgICAgICAgICAgICA8a2V5PlBheWxvYWREaXNwbGF5TmFtZTwva2V5PgogICAgICAgICAgICAgICAgPHN0cmluZz5Qcml2YWN5IFByZWZlcmVuY2VzIFBvbGljeSBDb250cm9sPC9zdHJpbmc+CiAgICAgICAgICAgICAgICA8a2V5PlBheWxvYWREZXNjcmlwdGlvbjwva2V5PgogICAgICAgICAgICAgICAgPHN0cmluZy8+CiAgICAgICAgICAgICAgICA8a2V5PlBheWxvYWRWZXJzaW9uPC9rZXk+CiAgICAgICAgICAgICAgICA8aW50ZWdlcj4xPC9pbnRlZ2VyPgogICAgICAgICAgICAgICAgPGtleT5QYXlsb2FkRW5hYmxlZDwva2V5PgogICAgICAgICAgICAgICAgPHRydWUvPgogICAgICAgICAgICAgICAgPGtleT5TZXJ2aWNlczwva2V5PgogICAgICAgICAgICAgICAgPGRpY3Q+CiAgICAgICAgICAgICAgICAgICAgPGtleT5TeXN0ZW1Qb2xpY3lBbGxGaWxlczwva2V5PgogICAgICAgICAgICAgICAgICAgIDxhcnJheT4KICAgICAgICAgICAgICAgICAgICAgICAgPGRpY3Q+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8a2V5PklkZW50aWZpZXI8L2tleT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxzdHJpbmc+Y29tLm1pY3Jvc29mdC53ZGF2LmVwc2V4dDwvc3RyaW5nPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPGtleT5Db2RlUmVxdWlyZW1lbnQ8L2tleT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxzdHJpbmc+aWRlbnRpZmllciAiY29tLm1pY3Jvc29mdC53ZGF2LmVwc2V4dCIgYW5kIGFuY2hvciBhcHBsZSBnZW5lcmljIGFuZCBjZXJ0aWZpY2F0ZSAxW2ZpZWxkLjEuMi44NDAuMTEzNjM1LjEwMC42LjIuNl0gLyogZXhpc3RzICovIGFuZCBjZXJ0aWZpY2F0ZSBsZWFmW2ZpZWxkLjEuMi44NDAuMTEzNjM1LjEwMC42LjEuMTNdIC8qIGV4aXN0cyAqLyBhbmQgY2VydGlmaWNhdGUgbGVhZltzdWJqZWN0Lk9VXSA9IFVCRjhUMzQ2Rzk8L3N0cmluZz4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxrZXk+SWRlbnRpZmllclR5cGU8L2tleT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxzdHJpbmc+YnVuZGxlSUQ8L3N0cmluZz4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxrZXk+U3RhdGljQ29kZTwva2V5PgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPGludGVnZXI+MDwvaW50ZWdlcj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxrZXk+QWxsb3dlZDwva2V5PgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPGludGVnZXI+MTwvaW50ZWdlcj4KICAgICAgICAgICAgICAgICAgICAgICAgPC9kaWN0PgogICAgICAgICAgICAgICAgICAgIDwvYXJyYXk+CiAgICAgICAgICAgICAgICA8L2RpY3Q+CiAgICAgICAgICAgIDwvZGljdD4KICAgICAgICA8L2FycmF5PgogICAgPC9kaWN0Pgo8L3BsaXN0Pgo="
+}
+
+"@
+
+####################################################
+
 # Setting application AAD Group to assign Policy
 
 do {
@@ -856,4 +872,18 @@ write-host " + Assigning WDATP OnBoarding Policy to AAD Group '$AADGroup'" -f Cy
 $Assign_Onboarding = Add-DeviceConfigurationPolicyAssignment -ConfigurationPolicyId $CreateResult_Onboarding.id -TargetGroupId $TargetGroupId
 
 Write-Host " + Assigned '$AADGroup' to $($CreateResult_Onboarding.displayName)/$($CreateResult_Onboarding.id)"
+Write-Host
+
+####################################################
+
+Write-Host "Adding MDATP System Extension Policy from XML..." -ForegroundColor Yellow
+
+$CreateResult_sysext = Add-DeviceConfigurationPolicy -JSON $MDATP_sysext
+
+Write-Host " + Device WDATP System Extension Policy created as" $CreateResult_sysext.id
+write-host " + Assigning WDATP System Extension Policy to AAD Group '$AADGroup'" -f Cyan
+
+$Assign_sysext = Add-DeviceConfigurationPolicyAssignment -ConfigurationPolicyId $CreateResult_sysext.id -TargetGroupId $TargetGroupId
+
+Write-Host " + Assigned '$AADGroup' to $($CreateResult_sysext.displayName)/$($CreateResult_sysext.id)"
 Write-Host