Jan 11 2021
03:10 AM
- last edited on
Nov 30 2021
10:27 AM
by
TechCommunityAP
Jan 11 2021
03:10 AM
- last edited on
Nov 30 2021
10:27 AM
by
TechCommunityAP
I've tried to install the newest MDI sensor on one of my AD FS servers but under the installation if reports that auditing is not configured correctly - see attached image.
It's possible to click Next and proceed with the installation.
I've verified that the auditing is in place and configured according to the guide. I can even see the audit events in the security log.
What am I missing here?
Just for your information, then the service wont start after the installation - I'll start another discussion about that issue 🙂
Jan 11 2021 03:28 AM
@bjarneabraham
Can you run on this machine from powershell this command and share the full output?
(Get-AdfsProperties).LogLevel
Jan 13 2021 01:10 AM
SolutionHi,
Just got another similar case, that was resolved by running the setup elevated.
Can you try that and let me know if the warning is gone ?
Jan 20 2021 02:50 AM
@EliOfek running the installation elevated solved the issue. Then it doesn't raise an alert about issue regarding auditing on the ADFS server. Thanks.
Jan 20 2021 03:46 AM
@bjarneabraham It was a success on one of the AD FS servers but not on the others 😞
I've checked the audit level and requirements and they are exact the same.
Any good ideas? 🙂
Jan 20 2021 06:00 AM
@bjarneabraham
Can you share the output of
(Get-AdfsProperties).LogLevel
from the working and non working server?
Jan 20 2021 11:38 PM
Jan 21 2021 06:35 AM
In this case the non working machine is not a primary ?
Can you share the output of this command when running on the non primary machine (even if it returns an error) ?
Jan 21 2021 06:58 AM
Jan 21 2021 07:13 AM
@bjarneabraham
Thanks! I will open a bug for it.
You can ignore the warning during setup for now, it will work fine.
Jan 29 2021 01:12 AM
@EliOfek FYI running setup elevated solved the issue for us too.
Would be nice to either see docs updated or the install file changed.
Jan 29 2021 01:54 PM
The docs actually says that already:
https://docs.microsoft.com/en-us/defender-for-identity/install-step4
"Run Azure ATP sensor setup.exe with elevated privileges (Run as administrator) and follow the setup wizard."
As for changing the exe to auto prompt a UAC dialog, there is currently a technical limitation preventing us from doing so due to the installer infra we use that intentionally block it, but we are working on it to work like that. it will take some time though, as it is going to be incorporated with some other features that will make the deployment a breeze. stay tuned on this topic....
Jan 13 2021 01:10 AM
SolutionHi,
Just got another similar case, that was resolved by running the setup elevated.
Can you try that and let me know if the warning is gone ?