SOLVED

Domain controller

Copper Contributor

Hi.

 

Do you know if we can install MDE on Active directory servers ( on prem and Azure servers)

OS version of server are 2016 and 2022.

Which Microsoft defender product is best suited for Active Directory server ?

Please let me know with MS KB article link.

5 Replies
best response confirmed by subhashv1986 (Copper Contributor)
Solution

@subhashv1986 

It is advisable to equip all servers with Defender for Servers. Since this is about AD servers I can also recommend you to install password protection connectors and implement Defender for Identity

https://learn.microsoft.com/en-us/azure/defender-for-cloud/plan-defender-for-servers

https://learn.microsoft.com/en-us/entra/identity/authentication/concept-password-ban-bad-on-premises

https://learn.microsoft.com/en-us/defender-for-identity/what-is

Thanks Jos for the reply !
So for Active directory servers only solution is to go with Microsoft defender for identity. Microsoft defender for Endpoint and Servers should not be installed on AD servers.
DO we have any documents which clarify which Microsoft defender suite is best for ON prem Domain controller and Azure Active directory servers ?
Hi Georgelia, Thanks for replying.
In the shared link, there is no information about Active directory or domain controller. It only has server information.

@subhashv1986 
So after going through Microsoft article, I conclude that the MDE can be installed on DOmain controller server but the server can't be managed under MDE or Intune. When you onboard the Domain controller to MDE, you can see Under managed option in Device inventory as "UNKNOWN".
Microsoft has not yet released the feature where in DC servers can be managed under Intune or Defender for Endpoint security settings.
Link
https://learn.microsoft.com/en-us/mem/intune/protect/mde-security-integration
https://learn.microsoft.com/en-us/mem/intune/protect/mde-security-integration#frequently-asked-quest...

1 best response

Accepted Solutions
best response confirmed by subhashv1986 (Copper Contributor)
Solution

@subhashv1986 

It is advisable to equip all servers with Defender for Servers. Since this is about AD servers I can also recommend you to install password protection connectors and implement Defender for Identity

https://learn.microsoft.com/en-us/azure/defender-for-cloud/plan-defender-for-servers

https://learn.microsoft.com/en-us/entra/identity/authentication/concept-password-ban-bad-on-premises

https://learn.microsoft.com/en-us/defender-for-identity/what-is

View solution in original post