
Onboarding and servicing non-persistent master image with Microsoft Defender

Richard Olah1709161669


Having an issue with this in the following environment: App Layer v22.6 and Server 2016


It all works fine following these instructions:


1) Create new version of OS layer 

2) Download and install agent for Server 2016, this installs the Windows Advanced Threat protection Service

3) Copy the files from the “WindowsDefenderATPOnboardingPackage” folder into the golden/master image under the path C:\WINDOWS\System32\GroupPolicy\Machine\Scripts\Startup

4) Open a Local Group Policy Editor window and navigate to Computer Configuration > Windows Settings > Scripts > Startup

6) Select the PowerShell Scripts tab, then click Add, navigate to the onboarding PowerShell script Onboard-NonPersistentMachine.ps1

7) Finalise the layer and shut down the server


After publishing the image to PVS I start the server and everything is OK. The Advanced Threat protection service is set to automatic, the service is started and the hostname is showing as active in the Defender portal.


The trouble starts when I need to patch Office in a separate layer. When logging into the app layer, the Advanced Threat protection service is running and the host name for the layer is in the Defender console. So after patching I need to off-board the image (this basically stops the service and makes the master image for this machine in the console inactive). I then finalise the image and publish to PVS.


After starting up the ATP service it is now set to manual and therefore does not on-board and appear in the console


More detailed information about the process is in this article https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/onboarding-and-servicing-non-persistent-vdi-machines-with/ba-p/1360721


Any help would be greatly appreciated



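To find the stage at which the start type changes, the state described in the post can be recorded at each point: after off-boarding, before finalising the layer, and after the first PVS boot. The read-only check below is an added example, not part of the original post or of Microsoft's onboarding package. The service short name `Sense` and the `OnboardingState` registry value are assumptions about the installed agent, and `Get-MdeLayerState` is a hypothetical helper name.

```powershell
# Added example: read-only state check, not from the original post.
function Get-MdeLayerState {
    [CmdletBinding()]
    param(
        # Startup script folder named in step 3 of the post.
        [string]$StartupDir = "$env:windir\System32\GroupPolicy\Machine\Scripts\Startup",
        # Assumption: short name of the Advanced Threat Protection service.
        [string]$ServiceName = 'Sense'
    )
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$ServiceName'" -ErrorAction SilentlyContinue

    # Assumption: onboarding status location used by the agent.
    $statusKey  = 'HKLM:\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status'
    $onboarding = (Get-ItemProperty -Path $statusKey -Name OnboardingState -ErrorAction SilentlyContinue).OnboardingState

    $script = Join-Path $StartupDir 'Onboard-NonPersistentMachine.ps1'

    [pscustomobject]@{
        ComputerName    = $env:COMPUTERNAME
        ServiceFound    = [bool]$svc
        StartMode       = if ($svc) { $svc.StartMode } else { $null }  # Auto / Manual / Disabled
        State           = if ($svc) { $svc.State } else { $null }      # Running / Stopped
        OnboardingState = $onboarding                                   # empty when the value is absent
        StartupScript   = Test-Path -LiteralPath $script
    }
}

$state = Get-MdeLayerState
$state | Format-List

if ($state.ServiceFound -and $state.StartMode -ne 'Auto') {
    Write-Warning "Service start mode is '$($state.StartMode)'; the post reports 'Manual' after off-boarding."
}
if (-not $state.StartupScript) {
    Write-Warning 'Onboard-NonPersistentMachine.ps1 is not in the startup scripts folder.'
}
```

Running it in the Office layer before and after off-boarding, and again on the published PVS target, shows which step leaves the service set to manual.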