Sep 27 2023 01:53 AM
When running Client Analyzer on a server , it is missing path, and recommended fix is running
"PsExec.exe -s cmd /c (mkdir.exe C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Cyber)"
Well that does nothing, tried to change things, with and with out admin, and in powershell and in a command line. And i trie to find the path missing, it is there. So this error is not clear, the server will not be onboarded with this error either. I have tried to post this another place , but now i will here.
Sep 27 2023 02:29 AM
Hi @Knut_S,
The MDE Client Analyzer error 122003 Missing Path indicates that the analyzer cannot find the following path:
C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Cyber
This path is required for the client analyzer to run the connectivity tests to cloud service URLs.
You have already tried running the recommended fix, which is to use PsExec to create the missing path. However, this has not worked.
Here are some other things you can try:
If you are still unable to create the missing path, you can try creating it manually. To do this, open an elevated command prompt and enter the following command:
mkdir C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Cyber
Once you have created the missing path, try running the client analyzer again.
If the client analyzer is still unable to run, you can try collecting the analyzer support logs using live response.
See the following article for more information:
Run the client analyzer on Windows: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/run-analyzer-windows?view...
The analyzer support logs can be used to troubleshoot the issue with Microsoft support.
Additional troubleshooting tips:
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.
If the post was useful in other ways, please consider giving it Like.
Kindest regards,
Leon Pavesic
(LinkedIn)
Sep 27 2023 11:57 PM
This is a snip from the server in question, seems to me that this path is there. so how can it be missing. strange, could it be some kind of error with permissions
Sep 28 2023 12:46 AM
SolutionMaybe i found the issue,
Default paths are missing:
Default MDE Policies key
HKLM:\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection
That registry key is not on my server for some kind of reason. if look on other similar servers the key is there. so that may be the problem. Some times you need to read the error I guess. But how to fix the issue.
Sep 28 2023 12:46 AM
SolutionMaybe i found the issue,
Default paths are missing:
Default MDE Policies key
HKLM:\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection
That registry key is not on my server for some kind of reason. if look on other similar servers the key is there. so that may be the problem. Some times you need to read the error I guess. But how to fix the issue.