Forum Discussion
Guidance on Domain Controller Virtualization Based Security and Defender Antivirus Baselines
Steve Norton, I am noticing an issue when applying the Domain Controller Virtualization Based Security policy to my vDC. Once applied, on the next reboot they fail to boot. Hypervisor reports a Triple Fault error. I can get to recovery and safe mode/safe mode with networking. I'm probably doing something wrong, but even with a new VM config on Server 2019 Hypervisor with a clean Windows 2019 Server OS VM it's repeatable. I've not dug into it beyond that at this time. Maybe there's another resource I'm overlooking when setting this up?
Hi awolf13,
Does your vDC boot successfully with 'Enable Secure Boot' and 'Enable Trusted Platform Module' enabled on the host?
Regards,
Steve
- awolf13, Jun 23, 2020, Copper Contributor
Steve Norton, Secure Boot is enabled and working. I've not attempted to enable TPM. Is that most likely the culprit?
- Steve Norton, Jun 23, 2020, Brass Contributor
Let me know the results after enabling TPM.
- awolf13, Jun 23, 2020, Copper Contributor
Steve Norton, originally I thought that appeared to have fixed the issue; however, I just did another reboot test and it failed. Disabling the Virtualization Based Security GPO allowed my vDC to boot again.
Maybe this isn't the proper forum for this. I'll keep searching.