Download the Microsoft Defender for Identity sensor
This article describes how to download the Microsoft Defender for Identity sensor for your domain controllers or AD CS / AD FS servers.
Add a sensor and download sensor software
In Microsoft Defender XDR, go to System > Settings > Identities.
Select the Sensors tab, which displays all of your Defender for Identity sensors. For example:
Select Add sensor. Then, in the Add a new sensor pane, select Download installer and save the installation package locally. The downloaded zip file includes the following files:
The Defender for Identity sensor installer
The configuration setting file with the required information to connect to the Defender for Identity cloud service
Npcap OEM version 1.0, which is automatically installed by the sensor installation if it's not found to be already installed
In the Add a new sensor pane, copy the Access key value and save it to a secured location. This access key is a one-time password for use when deploying the sensor, after which communication is performed using certificates for authentication and TLS encryption.
Tip
It is recommended to regenerate the access key using the Regenerate key button on a regular basis. It won't affect any previously deployed sensors, because it's only used for initial registration of the sensor.
Copy the downloaded installation package to the dedicated server or domain controller where you're installing the Defender for Identity sensor.