Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
250 questions
MDI AD Sensor - Unable to install silent with proxy parameter
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 21%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
Sébastien Brulotte (DARSSS)
0
Reputation points
Hi, I'm trying to install the ATP sensor for MDI on our AD. The installation through the GUI setup.exe failed with an error code leading to the our use of a proxy. I am now trying to install it through the silent install using CMD with the proxy parameters and the following command, but the installation does not seem to work at all:
"Azure ATP sensor Setup.exe" /quiet ProxyUrl="<ProxyAddress>" NetFrameworkCommandLineArguments="/q" AccessKey="<AccessKey>"
Here is the log file I'm getting out of the installation, with censored proxy address:
[25C4:2638][2023-08-07T14:00:07]i001: Burn v3.11.2.4516, Windows v10.0 (Build 14393: Service Pack 0), path: C:\WINDOWS\Temp\{B4BF6EF4-E5B6-4DBA-BBED-1A417952102E}\.cr\Azure ATP Sensor Setup.exe
[25C4:2638][2023-08-07T14:00:07]i000: Initializing hidden variable 'AccessKey'
[25C4:2638][2023-08-07T14:00:07]i000: Initializing hidden variable 'ProxyConfiguration'
[25C4:2638][2023-08-07T14:00:07]i000: Initializing hidden variable 'ProxyUserPassword'
[25C4:2638][2023-08-07T14:00:07]i000: Initializing string variable 'NetFrameworkCommandLineArguments' to value '/passive /showrmui'
[25C4:2638][2023-08-07T14:00:07]i009: Command Line: '"-burn.clean.room=C:\Users\cds\Desktop\Azure ATP Sensor Setup\Azure ATP Sensor Setup.exe" -burn.filehandle.attached=488 -burn.filehandle.self=500 /quiet ProxyUrl=ProxyAddress AccessKey=*****'
[25C4:2638][2023-08-07T14:00:07]i000: Setting string variable 'WixBundleOriginalSource' to value 'C:\Users\cds\Desktop\Azure ATP Sensor Setup\Azure ATP Sensor Setup.exe'
[25C4:2638][2023-08-07T14:00:07]i000: Setting string variable 'WixBundleOriginalSourceFolder' to value 'C:\Users\cds\Desktop\Azure ATP Sensor Setup\'
[25C4:2638][2023-08-07T14:00:07]i000: Setting string variable 'WixBundleLog' to value 'C:\Users\cds\AppData\Local\Temp\Azure Advanced Threat Protection Sensor_20230807140007.log'
[25C4:2638][2023-08-07T14:00:07]i000: Setting string variable 'WixBundleName' to value 'Azure Advanced Threat Protection Sensor'
[25C4:2638][2023-08-07T14:00:07]i000: Setting string variable 'WixBundleManufacturer' to value 'Microsoft Corporation'
[25C4:2638][2023-08-07T14:00:07]i000: Loading managed bootstrapper application.
[25C4:2638][2023-08-07T14:00:07]i000: Creating BA thread to run asynchronously.
[25C4:2638][2023-08-07T14:00:10]i100: Detect begin, 5 packages
[25C4:2638][2023-08-07T14:00:10]i000: 2023-08-07 18:00:10.7294 Debug DeploymentModel DetectDeploymentAction DetectBegin [\[]Installed=False[\]]
[25C4:2638][2023-08-07T14:00:10]i000: Registry key not found. Key = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_1_for_KB4019990~31bf3856ad364e35~amd64~~6.1.1.2'
[25C4:2638][2023-08-07T14:00:10]i000: Setting numeric variable 'Kb4019990Windows2008R2Exists' to value 0
[25C4:2638][2023-08-07T14:00:10]i000: Registry key not found. Key = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_1_for_KB4019990~31bf3856ad364e35~amd64~~6.2.1.1'
[25C4:2638][2023-08-07T14:00:10]i000: Setting numeric variable 'Kb4019990Windows2012Exists' to value 0
[25C4:2638][2023-08-07T14:00:10]i000: Setting string variable 'NetFrameworkRegistryValue' to value '460805'
[25C4:2638][2023-08-07T14:00:10]i000: Setting string variable 'ServerLevelsServerCoreRegistryValue' to value '1'
[25C4:2638][2023-08-07T14:00:10]i000: Setting string variable 'ServerLevelsServerGuiShellRegistryValue' to value '1'
[25C4:2638][2023-08-07T14:00:10]i052: Condition 'Kb4019990Windows2008R2Exists' evaluates to false.
[25C4:2638][2023-08-07T14:00:10]i052: Condition 'Kb4019990Windows2012Exists' evaluates to false.
[25C4:2638][2023-08-07T14:00:10]i052: Condition 'NetFrameworkRegistryValue >= 460798' evaluates to true.
[25C4:2638][2023-08-07T14:00:10]i052: Condition 'NetFrameworkRegistryValue >= 460798' evaluates to true.
[25C4:2638][2023-08-07T14:00:10]i101: Detected package: Kb4019990Windows2008R2Package, state: Absent, cached: None
[25C4:2638][2023-08-07T14:00:10]i101: Detected package: Kb4019990Windows2012Package, state: Absent, cached: None
[25C4:2638][2023-08-07T14:00:10]i101: Detected package: NetFrameworkPackageServer, state: Present, cached: Complete
[25C4:2638][2023-08-07T14:00:10]i101: Detected package: NetFrameworkPackageServerCore, state: Present, cached: Complete
[25C4:2638][2023-08-07T14:00:10]i101: Detected package: MsiPackage, state: Absent, cached: None
[25C4:2638][2023-08-07T14:00:10]i199: Detect complete, result: 0x0
[25C4:2058][2023-08-07T14:00:10]i000: 2023-08-07 18:00:10.7451 Debug DeploymentModel .ctor [\[]DeploymentAction=Install[\]]
[25C4:2058][2023-08-07T14:00:10]i000: 2023-08-07 18:00:10.9013 Error SensorBootstrapperApplication Run failed to create deployment manager [\[]exception=System.UriFormatException: Invalid URI: The URI scheme is not valid.
at System.Uri.CreateThis(String uri, Boolean dontEscape, UriKind uriKind)
at System.Uri..ctor(String uriString)
at Microsoft.Tri.Sensor.Deployment.Bundle.UI.InstallationDeploymentConfiguration..ctor(Engine engine, InstallationCommandLineConfiguration installationCommandLineConfiguration, String installationPath)
at Microsoft.Tri.Sensor.Deployment.Bundle.UI.DeploymentModel.CreateDeploymentConfiguration()
at Microsoft.Tri.Sensor.Deployment.Bundle.UI.DeploymentModel..ctor(BootstrapperApplication bootstrapperApplication)
at Microsoft.Tri.Sensor.Deployment.Bundle.UI.SensorBootstrapperApplication.Run()[\]]
[25C4:2638][2023-08-07T14:00:10]i500: Shutting down, exit code: 0x643
[25C4:2638][2023-08-07T14:00:10]i410: Variable: Kb4019990Windows2008R2Exists = 0
[25C4:2638][2023-08-07T14:00:10]i410: Variable: Kb4019990Windows2012Exists = 0
[25C4:2638][2023-08-07T14:00:10]i410: Variable: NetFrameworkCommandLineArguments = /passive /showrmui
[25C4:2638][2023-08-07T14:00:10]i410: Variable: NetFrameworkRegistryValue = 460805
[25C4:2638][2023-08-07T14:00:10]i410: Variable: ServerLevelsServerCoreRegistryValue = 1
[25C4:2638][2023-08-07T14:00:10]i410: Variable: ServerLevelsServerGuiShellRegistryValue = 1
[25C4:2638][2023-08-07T14:00:10]i410: Variable: WixBundleAction = 5
[25C4:2638][2023-08-07T14:00:10]i410: Variable: WixBundleElevated = 1
[25C4:2638][2023-08-07T14:00:10]i410: Variable: WixBundleLog = C:\Users\cds\AppData\Local\Temp\Azure Advanced Threat Protection Sensor_20230807140007.log
[25C4:2638][2023-08-07T14:00:10]i410: Variable: WixBundleManufacturer = Microsoft Corporation
[25C4:2638][2023-08-07T14:00:10]i410: Variable: WixBundleName = Azure Advanced Threat Protection Sensor
[25C4:2638][2023-08-07T14:00:10]i410: Variable: WixBundleOriginalSource = C:\Users\cds\Desktop\Azure ATP Sensor Setup\Azure ATP Sensor Setup.exe
[25C4:2638][2023-08-07T14:00:10]i410: Variable: WixBundleOriginalSourceFolder = C:\Users\cds\Desktop\Azure ATP Sensor Setup\
[25C4:2638][2023-08-07T14:00:10]i410: Variable: WixBundleProviderKey = {8b0b8cc1-ed6d-4c5a-980c-bec8dd0f9947}
[25C4:2638][2023-08-07T14:00:10]i410: Variable: WixBundleSourceProcessFolder = C:\Users\cds\Desktop\Azure ATP Sensor Setup\
[25C4:2638][2023-08-07T14:00:10]i410: Variable: WixBundleSourceProcessPath = C:\Users\cds\Desktop\Azure ATP Sensor Setup\Azure ATP Sensor Setup.exe
[25C4:2638][2023-08-07T14:00:10]i410: Variable: WixBundleTag =
[25C4:2638][2023-08-07T14:00:10]i410: Variable: WixBundleUILevel = 2
[25C4:2638][2023-08-07T14:00:10]i410: Variable: WixBundleVersion = 2.209.16865.34001
[25C4:2638][2023-08-07T14:00:10]i007: Exit code: 0x643, restarting: No
Any idea what could cause this ?
Sign in to answer