Forum Discussion

achechen's avatar
achechen
Copper Contributor
Mar 07, 2023

Onboarding non-persistent Linux machines

I have 2 VMs I regularly rebuild and onboard into Defender ATP. Obviously, every time I rebuild them, even if I don't change the machine names a new entry is created. I end up with hundreds of entries after a while, which is absolutely annoying and horrible.

 

Fortunately, I've figured a way to fix this issue for the Windows VM just by using the non-persistent VDI process documented here: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-endpoints-vdi?view=o365-worldwide 

This makes sure that a new entry is not created every time the VM is rebuilt by using a senseGuid value, which is explained in detail here: https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/onboarding-and-servicing-non-persistent-vdi-machines-with/ba-p/1360721

 

I am looking for a similar solution for my Linux VM too and could not find anything in the documentation. Any ideas?

  • lukejowett's avatar
    lukejowett
    Copper Contributor

    achechen Hi - Did you ever find a solution for this? I am considering just comparing the onboarding scripts and copying the logic to linux

Resources