Dear Microsoft Community,
What are the best practices when creating Golden Image (using Packer) and we want to deploy the Microsoft Defender for Endpoint agent on it.
Here is the current process:
- We launch the adequate onboarding script, that matches the Windows Server version.
- We restart the server.
- We launch a script which:
- Configure the ASR rules
- Configure the different settings (Network Protection, Cloud Protection, ...)
- ...
The issue is that once the image is being used, we see within the Microsoft 365 Defender Portal, the asset with the status "Can be onboarded".
All required network flows are opened.
Thomas
