Unable to install MDI sensor

karthik palani 661 Reputation points
2023-02-05T13:21:15.0966667+00:00

Hi All,

I am trying to install the Microsoft Defender for Identity sensor on a domain controller, but it seems to be failing with the error message below.

sensor.png

We have opened all port communication from the DC to the MDI cloud, especially outbound 443 from the DC. Still, it is throwing the above error.

Please suggest if anything needs to be verified.


3 answers

  1. Givary-MSFT 35,671 Reputation points Microsoft Employee Moderator
    2023-02-07T04:17:09.74+00:00

    @karthik palani Thank you for reaching out to us. As I understand, the Microsoft Defender for Identity sensor is failing to register with the cloud instance.

    Review the following steps to see if they help to resolve this:

    • Check for Schannel event 36874 in the System event log.
    • Was TLS hardening applied to the server? If yes, reset to default settings to resolve.
    • Also worth checking the .NET registry: enable TLS 1.2 on .NET by setting the registry keys to use the operating system defaults for SSL and TLS, as follows:

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
      "SystemDefaultTlsVersions"=dword:00000001

      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
      "SystemDefaultTlsVersions"=dword:00000001

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
      "SchUseStrongCrypto"=dword:00000001

      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
      "SchUseStrongCrypto"=dword:00000001

    • If the above steps don't help, reviewing the sensor deployment logs or capturing a network trace will give some insight into this issue.

    Reference: https://free.blessedness.top/en-us/defender-for-identity/troubleshooting-known-issues

    Let me know if you have any further questions, feel free to post back.

    Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.

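The checks listed in the answer above can be run as one read-only audit on the domain controller. This is an added example, not part of the original answer or of Microsoft's tooling; the function name `Test-MdiTlsPrereq` and the 7-day look-back window are assumptions.

```powershell
# Added example: read-only audit of the .NET TLS registry values and the
# Schannel event 36874 named in the answer. Changes nothing on the host.
# Test-MdiTlsPrereq and -LookBackDays are hypothetical names. Run elevated.
function Test-MdiTlsPrereq {
    param([int]$LookBackDays = 7)

    $keys = @(
        'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319',
        'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319'
    )
    $names = @('SystemDefaultTlsVersions', 'SchUseStrongCrypto')

    # One row per key/value pair; a missing value counts as not set.
    $registry = foreach ($key in $keys) {
        foreach ($name in $names) {
            $value = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name
            [pscustomobject]@{
                Key      = $key
                Name     = $name
                Value    = if ($null -eq $value) { '<missing>' } else { $value }
                Expected = 1
                Ok       = ($value -eq 1)
            }
        }
    }

    # Look for Schannel event 36874 in the System log within the window.
    # Get-WinEvent raises an error when nothing matches, so suppress it.
    $filter = @{
        LogName      = 'System'
        ProviderName = 'Schannel'
        Id           = 36874
        StartTime    = (Get-Date).AddDays(-$LookBackDays)
    }
    $events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)

    [pscustomobject]@{
        Registry        = $registry
        RegistryOk      = -not ($registry.Ok -contains $false)
        Schannel36874   = $events.Count
        LatestEventTime = ($events | Select-Object -First 1).TimeCreated
    }
}

$result = Test-MdiTlsPrereq
$result.Registry | Format-Table -AutoSize
$result | Select-Object RegistryOk, Schannel36874, LatestEventTime | Format-List
```

A `RegistryOk` of `False` or a non-zero `Schannel36874` count points at the TLS configuration rather than at the firewall rules.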

  2. Limitless Technology 45,016 Reputation points
    2023-02-07T16:04:21.1733333+00:00

    Hello there,

    Try taking a network trace while running it to see what exactly breaks and at which point.

    If you are using a proxy, it's better to use the silent install mode while supplying proxy parameters; it will work much better and is less error-prone than modifying the registry.

    Have you checked the logs for additional error details?

    The Defender for Identity deployment logs are located in the temp directory of the user who installed the product. In the default installation location, it can be found at: C:\Users\Administrator\AppData\Local\Temp (or one directory above %temp%).

    Based on this, you can troubleshoot from here: https://free.blessedness.top/en-us/defender-for-identity/troubleshooting-known-issues

    Hope this resolves your query!

    --If the reply is helpful, please Upvote and Accept it as an answer--


  3. sriharini vijayakumar 0 Reputation points
    2025-10-13T08:05:58.5333333+00:00

    After installing the sensor, my sensors were not working even though there were no health issues. Then I observed that the article has a line saying directory accounts have a $ sign; for example, our GPSMA has a $ sign. After adjusting the account with the $ sign, my sensors started working.

