Defender not onboarding for some devices

Hi all,

We use Intune (Autopilot) to deploy our devices (Entra joined). We've been using Defender for two years, never had an issue with onboarding.

In the past two months with have 10 devices that are not onboarding (they don't appear under Device Inventory). The Intune configuration profile for deployment says "succeeded".

I created a new profile under Endpoint Security > Endpoint Detection and Response (Auto from Connector) and assigned it only to these devices having trouble. I excluded the group from the other onboarding config profile. This new profile says "Not applicable".

We have the proper licensing. The devices are not Copilot+PC, we use mostly del Latitude 5421/5431.

They are up to date, same OS version as other devices that did onboard correctly (all Win11).

I will try onboarding manually, but in the mean time, just wondering if anyone had this issue?

EDIT: Seems to be 24H2 update 24H2 devices 'Not applicable' for Defender Onboarding Blob via connector? : r/Intune

Bug seems to happen even when not upgrading from Home to Pro: KB5043950: Microsoft Defender for Endpoint known issue - Microsoft Support

EDIT 2: Fix for us has been to Run on Powershell: 

DISM /online /Add-Capability /CapabilityName:Microsoft.Windows.Sense.Client~~~~
Restart laptop.

Run onboarding package MS Defender onboarding package on cmd.

And we will be skipping this update for now.