Forum Discussion
Solved
Azure ATP Sensor Setup not launching
Server 2019 CORE Domain Controller Latest Cumulative Update available Azure ATP Sensor Setup.exe version 2.0.0.0 I checked and the ntdsai.dll file is version 10.0.17763.1 (According to https://doc...
- Use this method to check the file version:
wmic datafile where name="C:\\Windows\\System32\\drivers\\ntdsai.dll" get version
It work better for a patched image on windows... I am guessing you will see a higher version.
The error in the log also suggest you have gone past this version test.
The proxy you supplied as parameter looks OK. we can reach the backend vis 443 for the initial communication which is based on TLS + access key.
the communication breaks when we switch to mutual certificate authentication.
This is likely happening if your proxy is doing SSL inspection which we do not support....
Another issue might be that you are missing root CAs.
See
https://docs.microsoft.com/en-us/defender-for-identity/troubleshooting-known-issues#proxy-authentication-problem-presents-as-a-licensing-error
EliOfek
Microsoft
MicrosoftUse this method to check the file version:
wmic datafile where name="C:\\Windows\\System32\\drivers\\ntdsai.dll" get version
It work better for a patched image on windows... I am guessing you will see a higher version.
The error in the log also suggest you have gone past this version test.
The proxy you supplied as parameter looks OK. we can reach the backend vis 443 for the initial communication which is based on TLS + access key.
the communication breaks when we switch to mutual certificate authentication.
This is likely happening if your proxy is doing SSL inspection which we do not support....
Another issue might be that you are missing root CAs.
See
https://docs.microsoft.com/en-us/defender-for-identity/troubleshooting-known-issues#proxy-authentication-problem-presents-as-a-licensing-error
wmic datafile where name="C:\\Windows\\System32\\drivers\\ntdsai.dll" get version
It work better for a patched image on windows... I am guessing you will see a higher version.
The error in the log also suggest you have gone past this version test.
The proxy you supplied as parameter looks OK. we can reach the backend vis 443 for the initial communication which is based on TLS + access key.
the communication breaks when we switch to mutual certificate authentication.
This is likely happening if your proxy is doing SSL inspection which we do not support....
Another issue might be that you are missing root CAs.
See
https://docs.microsoft.com/en-us/defender-for-identity/troubleshooting-known-issues#proxy-authentication-problem-presents-as-a-licensing-error
We already had SSL scanning turned off for those sites and I had imported the certificates we were using for the 2016 servers but it looks like we left one out. Not sure how the other sensors are working without the one, but they are...
Just wanted to update you and thank you for your help. It's working now.
Just wanted to update you and thank you for your help. It's working now.