Blog Post

Microsoft Defender XDR Blog
6 MIN READ

Introducing the new PowerShell Module for Microsoft Defender for Identity

Martin_Schvartzman's avatar
Martin_Schvartzman
Icon for Microsoft rankMicrosoft
Jan 16, 2024
Today, I am excited to introduce a new PowerShell module designed to help further simplify the deployment and configuration of Microsoft Defender for Identity. This tool will make it easier than ever...
Updated Jan 16, 2024
Version 1.0
automation
microsoft defender for identity
microsoft defender xdr
Ibrahimk1's avatar
Ibrahimk1
Copper Contributor
Oct 23, 2025

Hi, 

Any thoughts on below.

When I run  New-MDIConfigurationReport -Path "C:\Reports" -OpenHtmlReport

I get the following

cmdlet Get-MDIConfiguration at command pipeline position 1
Supply values for the following parameters:
Identity: DC01xxx
Get-MDISAcl: A parameter cannot be found that matches parameter name 'Server'.
Get-MDISAcl: A parameter cannot be found that matches parameter name 'Server'.
WARNING: Unable to read permissions on the Deleted Objects container
Get-MDISAcl: A parameter cannot be found that matches parameter name 'Server'.
InvalidOperation: Index operation failed; the array index evaluated to null.
InvalidOperation: Index operation failed; the array index evaluated to null.
InvalidOperation: Index operation failed; the array index evaluated to null.

And the HTML report 

For  Get-MDIConfiguration -Mode Domain -Configuration All -Verbose results 

 Get-MDIConfiguration -Mode Domain -Configuration All -Verbose

cmdlet Get-MDIConfiguration at command pipeline position 1
Supply values for the following parameters:
Identity: DC001
VERBOSE: Validating ADFS container auditing
Get-MDISAcl: A parameter cannot be found that matches parameter name 'Server'.
VERBOSE: Test failed
VERBOSE: Validating Active Directory Recycle Bin
VERBOSE: Test passed
VERBOSE: Validating GPO: Microsoft Defender for Identity - Advanced Audit Policy for CAs
VERBOSE: 'Microsoft Defender for Identity - Advanced Audit Policy for CAs' - GPO not found
VERBOSE: Test failed
VERBOSE: Validating GPO: Microsoft Defender for Identity - Advanced Audit Policy for DCs
VERBOSE: 'Microsoft Defender for Identity - Advanced Audit Policy for DCs' - GPO not found
VERBOSE: Test failed
VERBOSE: Validating GPO: Microsoft Defender for Identity - Auditing for CAs
VERBOSE: 'Microsoft Defender for Identity - Auditing for CAs' - GPO not found
VERBOSE: Test failed
VERBOSE: Validating Exchange related configuration container auditing
Get-MDISAcl: A parameter cannot be found that matches parameter name 'Server'.
VERBOSE: Test failed
WARNING: Unable to read permissions on the Deleted Objects container
VERBOSE: Validating Domain Object auditing
Get-MDISAcl: A parameter cannot be found that matches parameter name 'Server'.
VERBOSE: Test failed
VERBOSE: Validating GPO: Microsoft Defender for Identity - Advanced Audit and URA Policy for Entra Connect
VERBOSE: 'Microsoft Defender for Identity - Advanced Audit and URA Policy for Entra Connect' - GPO not found
VERBOSE: Test failed
VERBOSE: Validating GPO: Microsoft Defender for Identity - NTLM Auditing for DCs
VERBOSE: 'Microsoft Defender for Identity - NTLM Auditing for DCs' - GPO not found
VERBOSE: Test failed
VERBOSE: Validating GPO: Microsoft Defender for Identity - Processor Performance
VERBOSE: 'Microsoft Defender for Identity - Processor Performance' - GPO not found
VERBOSE: Test failed
VERBOSE: Validating GPO: Microsoft Defender for Identity - Remote SAM Access
VERBOSE: 'Microsoft Defender for Identity - Remote SAM Access' - GPO not found
VERBOSE: Test failed

And for .\Test-MdiReadiness.ps1

Any advice on why I’m getting different results, and can I just run Set-MDIConfiguration -Mode Domain -Configuration All to fill any gaps?