Skip to content

SamErde/Install-Defender-for-Identity

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits

.github/workflows

.github/workflows

 
 

.cspell.json

.cspell.json

 
 

.mega-linter.yml

.mega-linter.yml

 
 

Disable-AllAdaptersLso.ps1

Disable-AllAdaptersLso.ps1

 
 

Install-MDI.ps1

Install-MDI.ps1

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Remove-AtaSensor.ps1

Remove-AtaSensor.ps1

 
 

Repository files navigation

Migrate ATA to MDI

For now this is just a quick script to install the Microsoft Defender for Identity on Windows Server Core. When done, it will also remove the old Microsoft Advanced Threat Analytics sensor if that is present.

To-Do:

  • Configure Directory Services Advanced Auditing events according to the guidance as described in https://aka.ms/mdi/advancedaudit
    eg: Descendant Computer Objects (Schema-Id-Guid: bf967a86-0de6-11d0-a285-00aa003049e2)

  • Configure the Directory Services Object Auditing events according to the guidance as described in https://aka.ms/mdi/objectauditing

About

Install Microsoft Defender for Identity on Windows Server Core and remove Microsoft Advanced Threat Analytics, if it is present.

Topics

microsoft security powershell active-directory azure-active-directory hacktoberfest microsoft-defender microsoft-entra microsoft-defender-for-identity

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Languages