Forum Discussion
MS Defender for Enpoint Service name is invalid
So, using the downloadable script to just run and install/onboard a client. But, when it starts it gives error:
[Error Id: 15, Error Level: 1] Unable to start Microsoft Defender for Endpoint Service. Error message: The service name is invalid.
For more information, visit: https://go.microsoft.com/fwlink/p/?linkid=822807
Windows 11 Pro latest monthly updates. Nothing more to this install, it is fresh/new. There is no service by the name. No idea how this can be fixed, searched high/low and nothing. Seemingly, some reg entry changes it's ability of the built-in one? Event viewer says same error.
All computers are not joined to any domains locally. Computer is Entra registered in Cloud. Not sure how this Windows Defender service even gets installed. Apparently there is no downloadable manual file installed/uninstaller etc?
Any help appreciated.
- One time i have the same error on my customer, and i fuond that the problem is that the operating system is not up to date.
Try to install the last update and reboot pc, after that for my customer all works fine.
Regards,
Guido I was having the same issue myself today on a new laptop. I found and followed the top comment on this Reddit thread. Even though it was about an ARM-powered laptop and mine isn't, the solution worked for me. I tried posting the command here but they flagged it, so you'll have to visit the Reddit thread to see it.
- Is the Defender antimalware service running?
- MS Defender Core Service
MS Defender Antivirus Service
MS Defender Antivirus Network Inspection Service
Are all running. There is some mysterious MS Defender for Endpoint Service that all the docs keep referring to but don't know where that is located or how to get that enabled.
Frustrating to say the least.The onboarding script if you used the local one should have set the computer to pull the Endpoint Client (known as the Microsoft Windows Sense Client). I found this same issue on a number of computers. I got it to work by doing the following
The first this is to see if the client is even installed you can run the Deployment Image Servicing and Management tool with the following options:
/Online /Get-CapabilityInfo /CapabilityName:Microsoft.Windows.Sense.Client
The results I got back showed me that the client was installed on the computer.
Deployment Image Servicing and Management tool
Version: 10.0.26100.1150Image Version: 10.0.26100.2314
Capability Identity : Microsoft.Windows.Sense.Client~~~~
Name : Microsoft.Windows.Sense.Client
State : Not Present
Display Name : Microsoft Defender for Endpoint SenseClient
Description : SenseClient for MDE
Download Size : 0 bytes
Install Size : 0 bytesThe operation completed successfully.
To get it avaliable on the computer I ran the Deployment Image Servicing and Management tool with the following options:
/Online /add-capability /CapabilityName:Microsoft.Windows.Sense.Client
That ran for about 5 to 10 minutes. After it was finished you will need to reboot. After the reboot I re-ran the onboarding script and it completed as it should have.
