MDE.Windows Azure VM extension provisioning failed


We have recently migrated Windows Server 2016 from on-prem to Azure Cloud. After that I noticed that the "MDE.Windows" extension shows a "Provisioning Failed" message. Below is the error message. Can someone help me on how to fix this?

[2022-10-18 13:19:05Z][Error] Failed to configure Microsoft Defender for Endpoint: Onboarding to MDE via Microsoft Defender for Cloud for this operating system is done using Microsoft Monitor Agent. If you would like to install the new MDE Unified Solution/Agent, please enable the Unified Solution setting in Microsoft Defender for Cloud (vNextEnabled parameter is not 'true')\r\n

There are 2 answers

0
Erel Hansav On

As explained in the error message, the Unified Agent MDE auto-provisioning setting must be turned on in order for the Unified Agent to be installed. Otherwise, the MDE.Windows extension will fail with that message, and MDE will only be onboarded using the Log Analytics agent. The setting can be turned on using Auto Provisioning under Settings.

0
Komali Annem On

I tried to reproduce the same issue in my environment and got the results below.

I have enabled Defender for Cloud.

When enabling Defender for Servers Plan 1 or Plan 2 and configuring the Defender for Endpoint integration, Defender for Endpoint is automatically provisioned for all supported machines.

If we want, we can change the server plan. We also have to enable the Defender for Endpoint integration by clicking on Settings => Integrations.

I have enabled auto provisioning when using Defender for Cloud.

I have selected the appropriate virtual machine.

We have to monitor the installation via the Azure machine extension page: open the specific VM => open Extension & Application => open MDE.Windows for related information.

When clicking on the MDE.Windows extension, we can see the state is Succeeded.

NOTE: When the extension has failed, we have to check whether all the prerequisites below are correctly configured:

1). Defender not running in active mode for 2019

2). Defender server role is not installed for Server 2016

3). connect prerequisite updates not installed

4). Defender disabled via registry key setting
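
The prerequisite list in the answer above can be checked on the affected server with a read-only script. This is an added example, not part of the original answer. The feature name `Windows-Defender`, the policy value `DisableAntiSpyware`, and the `Get-MpComputerStatus` fields are assumptions, since the answer does not name the exact settings it means.

```powershell
# Added example (not from the original answer). Read-only; run elevated on the server.
$findings = [System.Collections.Generic.List[string]]::new()

# Item 1: Defender service state and running mode.
try {
    $mp = Get-MpComputerStatus -ErrorAction Stop
    if (-not $mp.AMServiceEnabled) {
        $findings.Add('Defender antimalware service is not enabled')
    }
    # AMRunningMode is absent on older platform versions, so test it only when present.
    if ($mp.PSObject.Properties['AMRunningMode'] -and $mp.AMRunningMode -ne 'Normal') {
        $findings.Add("Defender running mode is '$($mp.AMRunningMode)', not active (Normal)")
    }
} catch {
    $findings.Add("Get-MpComputerStatus failed: $($_.Exception.Message)")
}

# Item 2: Defender feature on Windows Server (assumed feature name).
# Get-WindowsFeature exists only on Server editions, so skip the check elsewhere.
if (Get-Command Get-WindowsFeature -ErrorAction SilentlyContinue) {
    $feature = Get-WindowsFeature -Name 'Windows-Defender'
    if (-not $feature -or -not $feature.Installed) {
        $findings.Add('Windows-Defender feature is not installed')
    }
}

# Item 4: policy value that turns Defender off (assumed key and value name).
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender'
$policy = Get-ItemProperty -Path $policyKey -Name 'DisableAntiSpyware' -ErrorAction SilentlyContinue
if ($policy -and $policy.DisableAntiSpyware -eq 1) {
    $findings.Add("DisableAntiSpyware = 1 under $policyKey")
}

# Item 3: the answer names no specific updates, so list the latest installed
# ones for manual comparison against the current onboarding requirements.
$recent = Get-HotFix | Where-Object InstalledOn |
    Sort-Object InstalledOn -Descending | Select-Object -First 5

if ($findings.Count -eq 0) {
    'No blocking prerequisite found by these checks.'
} else {
    $findings | ForEach-Object { "FINDING: $_" }
}
'Most recent installed updates:'
$recent | Format-Table HotFixID, Description, InstalledOn -AutoSize
```

An empty findings list does not rule out the `vNextEnabled` condition from the question's log line, which is a Defender for Cloud setting rather than a state on the server.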