cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Microsoft Defender for Identity Deployment error code 0x80070643

hemdan875
Copper Contributor

‎Feb 15 2021 02:14 AM

‎Feb 15 2021 02:14 AM

Microsoft Defender for Identity Deployment error code 0x80070643

2021-02-11 13:00:08.3038 Error CommunicationWebClient+<SendWithRetryAsync>d__9`1 Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.Http.HttpRequestExceptionMessage=7INzM3PVZQKggOiiHcWjqw==StackTrace= at async Task<HttpResponseMessage> System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task<HttpResponseMessage> sendTask, HttpRequestMessage request, CancellationTokenSource cts, bool disposeCts)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendAsync<TResponse>(byte[] requestBytes, int offset, int count)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendWithRetryAsync<TResponse>(byte[] requestBytes, int offset, int count)InnerException=Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.WebExceptionMessage=wvUEyDo6UWSV/z8nHVf81w==StackTrace= at Stream System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, out TransportContext context)
at void System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)InnerException=Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.Sockets.SocketExceptionMessage=ll/Fg5fciCSQFNLUP9GLlg==StackTrace= at void System.Net.Sockets.Socket.InternalEndConnect(IAsyncResult asyncResult)
at void System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at WebExceptionStatus System.Net.ServicePoint.ConnectSocketInternal(bool connectFailure, Socket s4, Socket s6, ref Socket socket, ref IPAddress address, ConnectSocketState state, IAsyncResult asyncResult, out Exception exception)InnerException=]]]
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendWithRetryAsync<TResponse>(byte[] requestBytes, int offset, int count)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendAsync<TResponse>(IRequestWithResponse<TResponse> request)
at TResult Microsoft.Tri.Infrastructure.TaskExtension.Await<TResult>(Task<TResult> task)
at new Microsoft.Tri.Sensor.Common.CommonSensorModuleManager()
at new Microsoft.Tri.Sensor.Updater.SensorUpdaterModuleManager()
at ModuleManager Microsoft.Tri.Sensor.Updater.SensorUpdaterService.CreateModuleManager()
at async Task Microsoft.Tri.Infrastructure.Service.OnStartAsync()
at void Microsoft.Tri.Infrastructure.TaskExtension.Await(Task task)
at void Microsoft.Tri.Infrastructure.Service.OnStart(string[] args)
2021-02-11 13:00:56.7383 Error CommunicationWebClient+<SendWithRetryAsync>d__9`1 Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.Http.HttpRequestExceptionMessage=7INzM3PVZQKggOiiHcWjqw==StackTrace= at async Task<HttpResponseMessage> System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task<HttpResponseMessage> sendTask, HttpRequestMessage request, CancellationTokenSource cts, bool disposeCts)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendAsync<TResponse>(byte[] requestBytes, int offset, int count)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendWithRetryAsync<TResponse>(byte[] requestBytes, int offset, int count)InnerException=Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.WebExceptionMessage=wvUEyDo6UWSV/z8nHVf81w==StackTrace= at Stream System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, out TransportContext context)
at void System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)InnerException=Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.Sockets.SocketExceptionMessage=ll/Fg5fciCSQFNLUP9GLlg==StackTrace= at void System.Net.Sockets.Socket.InternalEndConnect(IAsyncResult asyncResult)
at void System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at WebExceptionStatus System.Net.ServicePoint.ConnectSocketInternal(bool connectFailure, Socket s4, Socket s6, ref Socket socket, ref IPAddress address, ConnectSocketState state, IAsyncResult asyncResult, out Exception exception)InnerException=]]]
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendWithRetryAsync<TResponse>(byte[] requestBytes, int offset, int count)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendAsync<TResponse>(IRequestWithResponse<TResponse> request)
at TResult Microsoft.Tri.Infrastructure.TaskExtension.Await<TResult>(Task<TResult> task)
at new Microsoft.Tri.Sensor.Common.CommonSensorModuleManager()
at new Microsoft.Tri.Sensor.Updater.SensorUpdaterModuleManager()
at ModuleManager Microsoft.Tri.Sensor.Updater.SensorUpdaterService.CreateModuleManager()
at async Task Microsoft.Tri.Infrastructure.Service.OnStartAsync()
at void Microsoft.Tri.Infrastructure.TaskExtension.Await(Task task)
at void Microsoft.Tri.Infrastructure.Service.OnStart(string[] args)
2021-02-11 13:01:45.5310 Error CommunicationWebClient+<SendWithRetryAsync>d__9`1 Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.Http.HttpRequestExceptionMessage=7INzM3PVZQKggOiiHcWjqw==StackTrace= at async Task<HttpResponseMessage> System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task<HttpResponseMessage> sendTask, HttpRequestMessage request, CancellationTokenSource cts, bool disposeCts)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendAsync<TResponse>(byte[] requestBytes, int offset, int count)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendWithRetryAsync<TResponse>(byte[] requestBytes, int offset, int count)InnerException=Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.WebExceptionMessage=wvUEyDo6UWSV/z8nHVf81w==StackTrace= at Stream System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, out TransportContext context)
at void System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)InnerException=Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.Sockets.SocketExceptionMessage=ll/Fg5fciCSQFNLUP9GLlg==StackTrace= at void System.Net.Sockets.Socket.InternalEndConnect(IAsyncResult asyncResult)
at void System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at WebExceptionStatus System.Net.ServicePoint.ConnectSocketInternal(bool connectFailure, Socket s4, Socket s6, ref Socket socket, ref IPAddress address, ConnectSocketState state, IAsyncResult asyncResult, out Exception exception)InnerException=]]]
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendWithRetryAsync<TResponse>(byte[] requestBytes, int offset, int count)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendAsync<TResponse>(IRequestWithResponse<TResponse> request)
at TResult Microsoft.Tri.Infrastructure.TaskExtension.Await<TResult>(Task<TResult> task)
at new Microsoft.Tri.Sensor.Common.CommonSensorModuleManager()
at new Microsoft.Tri.Sensor.Updater.SensorUpdaterModuleManager()
at ModuleManager Microsoft.Tri.Sensor.Updater.SensorUpdaterService.CreateModuleManager()
at async Task Microsoft.Tri.Infrastructure.Service.OnStartAsync()
at void Microsoft.Tri.Infrastructure.TaskExtension.Await(Task task)
at void Microsoft.Tri.Infrastructure.Service.OnStart(string[] args)
2021-02-11 13:02:33.9485 Error CommunicationWebClient+<SendWithRetryAsync>d__9`1 Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.Http.HttpRequestExceptionMessage=7INzM3PVZQKggOiiHcWjqw==StackTrace= at async Task<HttpResponseMessage> System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task<HttpResponseMessage> sendTask, HttpRequestMessage request, CancellationTokenSource cts, bool disposeCts)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendAsync<TResponse>(byte[] requestBytes, int offset, int count)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendWithRetryAsync<TResponse>(byte[] requestBytes, int offset, int count)InnerException=Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.WebExceptionMessage=wvUEyDo6UWSV/z8nHVf81w==StackTrace= at Stream System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, out TransportContext context)
at void System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)InnerException=Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.Sockets.SocketExceptionMessage=ll/Fg5fciCSQFNLUP9GLlg==StackTrace= at void System.Net.Sockets.Socket.InternalEndConnect(IAsyncResult asyncResult)
at void System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at WebExceptionStatus System.Net.ServicePoint.ConnectSocketInternal(bool connectFailure, Socket s4, Socket s6, ref Socket socket, ref IPAddress address, ConnectSocketState state, IAsyncResult asyncResult, out Exception exception)InnerException=]]]
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendWithRetryAsync<TResponse>(byte[] requestBytes, int offset, int count)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendAsync<TResponse>(IRequestWithResponse<TResponse> request)
at TResult Microsoft.Tri.Infrastructure.TaskExtension.Await<TResult>(Task<TResult> task)
at new Microsoft.Tri.Sensor.Common.CommonSensorModuleManager()
at new Microsoft.Tri.Sensor.Updater.SensorUpdaterModuleManager()
at ModuleManager Microsoft.Tri.Sensor.Updater.SensorUpdaterService.CreateModuleManager()
at async Task Microsoft.Tri.Infrastructure.Service.OnStartAsync()
at void Microsoft.Tri.Infrastructure.TaskExtension.Await(Task task)
at void Microsoft.Tri.Infrastructure.Service.OnStart(string[] args)
2021-02-11 13:03:22.8064 Error CommunicationWebClient+<SendWithRetryAsync>d__9`1 Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.Http.HttpRequestExceptionMessage=7INzM3PVZQKggOiiHcWjqw==StackTrace= at async Task<HttpResponseMessage> System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task<HttpResponseMessage> sendTask, HttpRequestMessage request, CancellationTokenSource cts, bool disposeCts)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendAsync<TResponse>(byte[] requestBytes, int offset, int count)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendWithRetryAsync<TResponse>(byte[] requestBytes, int offset, int count)InnerException=Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.WebExceptionMessage=wvUEyDo6UWSV/z8nHVf81w==StackTrace= at Stream System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, out TransportContext context)
at void System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)InnerException=Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.Sockets.SocketExceptionMessage=ll/Fg5fciCSQFNLUP9GLlg==StackTrace= at void System.Net.Sockets.Socket.InternalEndConnect(IAsyncResult asyncResult)
at void System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at WebExceptionStatus System.Net.ServicePoint.ConnectSocketInternal(bool connectFailure, Socket s4, Socket s6, ref Socket socket, ref IPAddress address, ConnectSocketState state, IAsyncResult asyncResult, out Exception exception)InnerException=]]]
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendWithRetryAsync<TResponse>(byte[] requestBytes, int offset, int count)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendAsync<TResponse>(IRequestWithResponse<TResponse> request)
at TResult Microsoft.Tri.Infrastructure.TaskExtension.Await<TResult>(Task<TResult> task)
at new Microsoft.Tri.Sensor.Common.CommonSensorModuleManager()
at new Microsoft.Tri.Sensor.Updater.SensorUpdaterModuleManager()
at ModuleManager Microsoft.Tri.Sensor.Updater.SensorUpdaterService.CreateModuleManager()
at async Task Microsoft.Tri.Infrastructure.Service.OnStartAsync()
at void Microsoft.Tri.Infrastructure.TaskExtension.Await(Task task)
at void Microsoft.Tri.Infrastructure.Service.OnStart(string[] args)
2021-02-11 13:04:11.3188 Error CommunicationWebClient+<SendWithRetryAsync>d__9`1 Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.Http.HttpRequestExceptionMessage=7INzM3PVZQKggOiiHcWjqw==StackTrace= at async Task<HttpResponseMessage> System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task<HttpResponseMessage> sendTask, HttpRequestMessage request, CancellationTokenSource cts, bool disposeCts)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendAsync<TResponse>(byte[] requestBytes, int offset, int count)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendWithRetryAsync<TResponse>(byte[] requestBytes, int offset, int count)InnerException=Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.WebExceptionMessage=wvUEyDo6UWSV/z8nHVf81w==StackTrace= at Stream System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, out TransportContext context)
at void System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)InnerException=Microsoft.Tri.Infrastructure.ExtendedException: Sanitized exception: [Type=System.Net.Sockets.SocketExceptionMessage=ll/Fg5fciCSQFNLUP9GLlg==StackTrace= at void System.Net.Sockets.Socket.InternalEndConnect(IAsyncResult asyncResult)
at void System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at WebExceptionStatus System.Net.ServicePoint.ConnectSocketInternal(bool connectFailure, Socket s4, Socket s6, ref Socket socket, ref IPAddress address, ConnectSocketState state, IAsyncResult asyncResult, out Exception exception)InnerException=]]]
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendWithRetryAsync<TResponse>(byte[] requestBytes, int offset, int count)
at async Task<TResponse> Microsoft.Tri.CommonCommunication.CommunicationWebClient.SendAsync<TResponse>(IRequestWithResponse<TResponse> request)
at TResult Microsoft.Tri.Infrastructure.TaskExtension.Await<TResult>(Task<TResult> task)
at new Microsoft.Tri.Sensor.Common.CommonSensorModuleManager()
at new Microsoft.Tri.Sensor.Updater.SensorUpdaterModuleManager()
at ModuleManager Microsoft.Tri.Sensor.Updater.SensorUpdaterService.CreateModuleManager()
at async Task Microsoft.Tri.Infrastructure.Service.OnStartAsync()
at void Microsoft.Tri.Infrastructure.TaskExtension.Await(Task task)
at void Microsoft.Tri.Infrastructure.Service.OnStart(string[] args)

Preview file
393 KB
Preview file
393 KB
12.7K Views
0 Likes
12 Replies
Reply
12 Replies
hemdan875

‎Feb 15 2021 02:16 AM

‎Feb 15 2021 02:16 AM

Re: Microsoft Defender for Identity Deployment error code 0x80070643

Hey guys I'm currently trying to install azure apt sensor on all my domain  controllers but all of then keep failing with the above error code.

0 Likes
Reply
Eli Ofek

‎Feb 15 2021 02:32 AM

‎Feb 15 2021 02:32 AM

Re: Microsoft Defender for Identity Deployment error code 0x80070643

@hemdan875 
The sensor is blocked from communicating with the azure backend.

Do you need a proxy to get there?
Did you install the sensor in silent mode with proxy parameters?

by any chance is SSL inspection taking place ?

Any FW config that will block the process from communicating out?

0 Likes
Reply
hemdan875

‎Feb 15 2021 02:40 AM

‎Feb 15 2021 02:40 AM

Re: Microsoft Defender for Identity Deployment error code 0x80070643

Did you install the sensor in silent mode with proxy parameters?
I tried the silent mode but without the proxy parameters , i don't know how to go about that part.

by any chance is SSL inspection taking place ?
How should i check this?


0 Likes
Reply
Eli Ofek

‎Feb 15 2021 03:22 AM

‎Feb 15 2021 03:22 AM

Re: Microsoft Defender for Identity Deployment error code 0x80070643

@hemdan875 
See here:

https://docs.microsoft.com/en-us/defender-for-identity/silent-installation#proxy-authentication

Reinstall with proxy params.

if it still fails, check with your proxy managers if they use SSL inspection.

0 Likes
Reply
Eli Ofek

‎Feb 15 2021 03:52 AM

‎Feb 15 2021 03:52 AM

Re: Microsoft Defender for Identity Deployment error code 0x80070643

@hemdan875 
You just need to add the 3 proxy params in the table to the standatd params after the last acccess key param and you should be fine.

You  need to reinstall, you can't "update" and existing installation with proxy...

0 Likes
Reply
hemdan875

‎Feb 15 2021 04:29 AM

‎Feb 15 2021 04:29 AM

Re: Microsoft Defender for Identity Deployment error code 0x80070643

thanks...Let me try that right now..
0 Likes
Reply
hemdan875

‎Feb 15 2021 06:37 AM

‎Feb 15 2021 06:37 AM

Re: Microsoft Defender for Identity Deployment error code 0x80070643

Hi Eli, i was able to install with the silent method but the service is not starting.
0 Likes
Reply
hemdan875

‎Feb 15 2021 06:38 AM

‎Feb 15 2021 06:38 AM

Re: Microsoft Defender for Identity Deployment error code 0x80070643

@Eli Ofek  The service does not start.

hemdan875_0-1613399869810.png

 

0 Likes
Reply
Eli Ofek

‎Feb 15 2021 03:02 PM

‎Feb 15 2021 03:02 PM

Re: Microsoft Defender for Identity Deployment error code 0x80070643

@hemdan875 

Check for errors in the local log file (Logs folder under the deployment folder)

0 Likes
Reply
hemdan875

‎Feb 17 2021 09:57 PM

‎Feb 17 2021 09:57 PM

Re: Microsoft Defender for Identity Deployment error code 0x80070643

@Eli Ofek 

 

thanks checked and resolved the issue, its now working fine

0 Likes
Reply
behodil

‎Jun 20 2023 02:37 AM

‎Jun 20 2023 02:37 AM

Re: Microsoft Defender for Identity Deployment error code 0x80070643

Hi,
yesterday we started to install the "Azure ATP Sensor" on all our 12 DCc. On six of them that worked fine and straight forward. On the other six the installation fails with error 0x80070643.
The MS.Tri.Sensor.Deployment.Deployer.xxx.log shows an error HttpResponseMessageExtension and that two way SSL connection service failed.
We do not use any proxy and the DCs are similar configured as the other six.
I tried to install in system context by using psexec from sysinternals with no success (neither silent or in cmd).
I stopped any firewall settings before next try of installation with no success.
Any further ideas?
Any help is appreciated
Thanks in advance
Bernd
0 Likes
Reply
Eli Ofek

‎Jun 20 2023 04:02 AM

‎Jun 20 2023 04:02 AM

Re: Microsoft Defender for Identity Deployment error code 0x80070643

@behodil I suggest to open a support case for this one.
If you verified that there is no SSL inspection in place and no other configuration that might have messed with the certificates, the odds of troubleshooting it hear are slim.
I suggest to attach to the ticket all the deployment logs, not just the one you mentioned.
I would also attach the logs from a working instance for comparison if those are still available.


In those cases most likely the machine are not completely identical from configuration aspect, event though they are perceived to be, we often run into GPOs that people were not aware of,
3rds that were installed etc.
But support will be able to help most when sharing files with them securely.

0 Likes
Reply