Forum Discussion

Adam_Bleakney's avatar
Adam_Bleakney
Copper Contributor
May 17, 2022

Windows Defender Install Sufficient Privileges

I am trying to install Defender on Windows Server 2012 R2 and get the error ..'don't have sufficient privileges to install system services'- even though I am and Administrator on the server.  Any hel...
microsoft 365 defender
JPearce's avatar
JPearce
Copper Contributor
May 18, 2022

Adam_Bleakney having the exact same issue, have lodged a ticket with MS support, I'll reply if they come back with anything useful.

 

I noted that in the System and Application event logs, during the installer, a log is generated that indicates that the failure of the installation is partially caused by a timeout in starting the WinDefend service, presumably because it can't install it, and the time you take to press the 'Retry' button is counted before the .msi proceeds to the next step of starting the service.

 

All Windows Server 2012 R2 servers patched to the prerequisite level.

  • JPearce's avatar
    JPearce
    Copper Contributor
    May 25, 2022

    JPearce Hi all,

    So in my travels with Microsoft Support so far, we've tried the following:

    -Ensuring that the prerequisite KBs (KB2999226, KB3080149, KB5006714) are installed prior to running the md4ws.msi file

    -Ensuring that the .msi is called using the official MS Down-level device deployment script (https://raw.githubusercontent.com/microsoft/mdefordownlevelserver/main/Install.ps1)

    -Installing using system context through PsExec, same result

    -Applying a Sense Client standalone upgrade package before installing/after failed install to see if it works, same result

     

    I've found that through painstaking trial and error, devices that have had the error can be onboarded, but there appears to be no rhyme or reason to when the device will let you do it - One had issues all afternoon that I replicated in a live session with the Microsoft engineer, trying all of the above and more - the next morning it worked on the first attempt. I'm finding this true for a few of them.

     

    In addition, on the devices we've managed to onboard, I've found an issue where defining a proxy for DfE to use through local group policy or through the 'TelemetryProxyServer' registry value is not working, and the only way to get it to onboard is to temporarily define a system-wide WinHTTP proxy (which creates other issues and is not a great option). I'll post about that here too in case any of you are facing the same problems.

     

    Thanks,

    Josh

    • JPearce's avatar
      JPearce
      Copper Contributor
      Jul 05, 2022

      Hi all,

       

      Microsoft have updated the md4ws.msi package available within the Defender console, and we've had success in installing it so far! I would suggest giving it a try.

       

      Thanks,

      Josh

  • Drony77's avatar
    Drony77
    Copper Contributor
    May 25, 2022

    JPearce Hi,

    I have the same issue, only on two machines out of about 200, both are Windows Server 2012 R2, fully upgraded.

    Please post update if you have any.

     

    Regards,

    Andrey