Forum Discussion
MDE Client analyzer reporting missing path
When running Client Analyzer on a server , it is missing path, and recommended fix is running
"PsExec.exe -s cmd /c (mkdir.exe C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Cyber)"
Well that does nothing, tried to change things, with and with out admin, and in powershell and in a command line. And i trie to find the path missing, it is there. So this error is not clear, the server will not be onboarded with this error either. I have tried to post this another place , but now i will here.
Maybe i found the issue,
Default paths are missing:
Default MDE Policies key
HKLM:\SOFTWARE\Policies\Microsoft\Windows Advanced Threat ProtectionThat registry key is not on my server for some kind of reason. if look on other similar servers the key is there. so that may be the problem. Some times you need to read the error I guess. But how to fix the issue.
3 Replies
Hi Knut_S,
The MDE Client Analyzer error 122003 Missing Path indicates that the analyzer cannot find the following path:
C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Cyber
This path is required for the client analyzer to run the connectivity tests to cloud service URLs.
You have already tried running the recommended fix, which is to use PsExec to create the missing path. However, this has not worked.
Here are some other things you can try:
- Make sure that you are running the PsExec command as an administrator.
- Try running the PsExec command from a different directory.
- Try running the PsExec command from a different computer.
- Try restarting the server.
If you are still unable to create the missing path, you can try creating it manually. To do this, open an elevated command prompt and enter the following command:
mkdir C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\CyberOnce you have created the missing path, try running the client analyzer again.
If the client analyzer is still unable to run, you can try collecting the analyzer support logs using live response.
See the following article for more information:Run the client analyzer on Windows: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/run-analyzer-windows?view=o365-worldwide
The analyzer support logs can be used to troubleshoot the issue with Microsoft support.
Additional troubleshooting tips:
- Make sure that the server is running the latest version of the MDE Client Analyzer tool.
- Make sure that the server has a valid internet connection.
- Make sure that the server is not running any other security software that is interfering with the MDE Client Analyzer tool.
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.If the post was useful in other ways, please consider giving it Like.
Kindest regards,
Leon Pavesic
(LinkedIn)Maybe i found the issue,
Default paths are missing:
Default MDE Policies key
HKLM:\SOFTWARE\Policies\Microsoft\Windows Advanced Threat ProtectionThat registry key is not on my server for some kind of reason. if look on other similar servers the key is there. so that may be the problem. Some times you need to read the error I guess. But how to fix the issue.
This is a snip from the server in question, seems to me that this path is there. so how can it be missing. strange, could it be some kind of error with permissions
