Forum Discussion
can't install AzureATP sensor on DC 2022, help with logs?
- For anyone who finds similar errors,
opening IISCRYPTO to "server defaults template" lets everything install properly and run correctly. Using IIScrypto "best practice template" afterward installation re breaks sensor updater and causes schannel errors in event log.
still trying to work out exactly what does/doesn't work in IISCRYPTO but can confirm it is now working using only TLS 1.0,1.1 and 1.2 server/client protocols with all ciphers enabled
"best practices template" disables too much but havn't proved what exactly
admin Administrator Definitely looks like a TLS issue. I would Double Check that the server can correctly communicate with your ATP portal using TLS1.2
https://gist.github.com/gpduck/db4f984435744e7dde1d
I have used this tool in the past and it can be helpful. Just put in your ATP url EX org.atp.azure.com
I must be simple but I can't get any output from that script as an example just returns nothing
PS C:\> .\test-Sslprotocols.ps1 -ComputerName http://www.google.com
IIScrypto
says TLS 1.0, 1.1, 1.2,
ciphers triple DES 168
AES128, 256
all hashes
just the recommended best practices
- EliOfek
Microsoft
admin Administrator the updater is failing to open the ssl listener on tcp localhost 444 using os methods while running as system.
Any hardedning was done in this area?
Maybe run
netsh http add sslcert
And see if it gives more clues.
