Forum Discussion
Getting error "Global is denied" on second DC
I'm getting error when I try to configure ATP (Defender) on second DC. Could you advice what could be the cause to fix.
First configured DC is reporting on portal.
4 Replies
- EliOfek
Microsoft
The code is failing while we try to read the instances of the counters under "Network Interface" category.
Try to run perfmon.exe and see if you can read the instances of this category there.
If it works there it's most likely some hardening made on the machine in the registry.
if it fails there as well, it could also be a counters corruption that might require a counters rebuild. To fix the "Access to the registry key 'Global' is denied" error in Defender for Identity on your second domain controller, please try these steps.
- Run as Admin: Ensure you're running the setup with administrator privileges.
- Check Permissions: Verify that the Defender for Identity service account has access to the Global registry key.
- Restart Service: Restart the Defender for Identity sensor service.
- Update Software: Ensure Windows and Defender for Identity are updated.
- Check Event Viewer: Look for more details in Event Viewer logs.
If it still fails, consider contacting Microsoft Support.
Can you share more detail on point 2.
1. Open Registry Editor (Win + R, type regedit).
2. Find the Key - Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services and locate the Global key.
3. Edit Permissions
- Right-click Global > Permissions.
- Add the Defender service account (e.g., NT SERVICE\Azure Advanced Threat Protection Sensor).
- Grant Full Control or Read access.
4. Restart Service - Restart the Defender for Identity sensor service.
