Forum Discussion

Kelly360's avatar
Kelly360
Copper Contributor
Sep 13, 2019

Onboarding 2019 Hyper-V

Our organization has started installing 2019 Hyper-V (Build 10.0.17763). It looks like 2019 Core, but behaves differently when onboarding to WDATP. Here is my issue. I use the onboarding script like I have done on our other 2019 servers, but fails to Onboard because there is no SENSE service. I verified in Windows features that Defender was installed and the windefend service was running. I tried re-installing the feature, and verified everything was installed. The Windows Defender Advanced Threat Protection Service (SENSE) was still missing. It was there on my other core machines, but the 2019 Hyper V OS was not. I cannot seem to onboard without this service. So I then tried just Installing the Microsoft Monitoring Agent, but of course I get a healthservice error saying it was incompatible with 2019. All other OS's in our environment are fine, 2012R2, 2016, 2019 standard and core. Is there a different process to Onboard 2019 Hyper-V OS. We currently have two of these in our environment, and I am sure we will have more coming soon.
  • youseeme's avatar
    youseeme
    Copper Contributor

    Hi, appreciate this is an old post but wondered if you ever got any answers? Not much around the web on this scenario!

    I am in the same position of trying to onboard hyper-v 2019 servers and assume they are not supported due to the lack of info!?

     

    Thank you

  • Reid Guanti's avatar
    Reid Guanti
    Copper Contributor

    I can't seem to find anything stating Hyper-V 2019 is supported or not for Defender for Endpoint. I do not see the sense service installed. When running the onboarding script, our output is below.

    Just wondering if you ever got this to work.

     

    This script is for onboarding machines to the Microsoft Defender for Endpoint services, including security and compliance products.
    Once completed, the machine should light up in the portal within 5-30 minutes, depending on this machine's Internet connectivity availability and machine power state (plugged in vs. battery powered).
    IMPORTANT: This script is optimized for onboarding a single machine and should not be used for large scale deployment.
    For more information on large scale deployment, please consult the MDE documentation (links available in the MDE portal under the endpoint onboarding section).
    
    Press (Y) to confirm and continue or (N) to cancel and exit: Y
    
    Starting Microsoft Defender for Endpoint onboarding process...
    
    Testing administrator privileges
    Script is running with sufficient privileges
    
    Performing onboarding operations
    
    Starting the service, if not already running
    
    Microsoft Defender for Endpoint Service has not started yet
    Waiting for the service to start
    
    [Error Id: 15, Error Level: 1] Unable to start Microsoft Defender for Endpoint Service. Error message: The service name is invalid.
    For more information, visit: https://go.microsoft.com/fwlink/p/?linkid=822807
    
    Press any key to continue . . .

     

    • bartlettdn24's avatar
      bartlettdn24
      Copper Contributor
      The documentation still does not specify whether Defender for Endpoint is supported on Hyper-V hosts. Would be great to know if anyone has made this work.
  • whiteHat's avatar
    whiteHat
    Copper Contributor

    Kelly360 


    Any updates on Hyper-V Core Server 2019 support for MDE Onboarding?

     

    Thanks and regards

     

    • mr_megs's avatar
      mr_megs
      Copper Contributor
      I'm also unable to onboard on Hyper-V Core Server 2019
      • Alex Lush's avatar
        Alex Lush
        Brass Contributor
        Same here, we have 4 servers unable to onboard, all Hyper-V Server 2019 Core.
        Running "sc query sense" confirms that the service is not installed on the server.

        Anyone from MS reading this care to confirm if this scenario is supported or not?
    • Alex Lush's avatar
      Alex Lush
      Brass Contributor

      surferstylee thanks so much for the update. I guess that puts the issue to bed once and for all although its disappointing to see that Hyper-V servers cannot be protected.

      • surferstylee's avatar
        surferstylee
        Brass Contributor

        Alex Lush 
        Let me clarify (or complicate) the issue a bit more by saying that the "note" is referring specifically to Hyper-V Server Editions and not servers that are running the Hyper-V service itself.

        ~m

Resources