Migrating servers from Microsoft Monitoring Agent to the unified solution
Article
Applies to:
Windows Server 2012 R2
Windows Server 2016
This article guides you in migrating down-level servers from Microsoft Monitoring Agent (MMA) to the unified solution.
Prerequisites
Microsoft Endpoint Configuration Manager (MECM) higher than 2207.
Down-level OS devices in your environment onboarded with Microsoft Monitoring Agent. To confirm, verify that MsSenseS.exe is running in Task Manager.
Presence of the MMA agent. You can verify it by checking if the correct Workspace ID is present in the Control Panel> Microsoft Monitoring Agent.
Active Microsoft Defender portal with devices onboarded.
A Device Collection containing down-level servers such as Windows Server 2012 R2 or Windows Server 2016 using MMA agent is set up in your MECM instance.
For more information on installing the listed prerequisites, see related topics section.
Gather required files
Copy the unified solution package, onboarding script and migration script to the same content source you deploy other apps with MECM.
Click Next and make sure to add your own Workspace ID in this section.
Click Next and click add a clause.
The detection method will be based on the registry key shown below.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sense
Check the option: This registry setting must exit on the target system to indicate presence of this application.
Tip
The registry key value was obtained by running the Powershell command shown below on a device that has the unified solution installed. Other creative methods of detection can also be used. The goal is to identify whether the unified solution has already been installed on a specific device. You can leave the Value and Data Type fields as blank.
In the User Experience section, check the recommended settings shown in the screenshot. You can choose what suits your environment and click Next. For Installation program visibility, it's advisable to install with Normal during phase testing then change it to Minimized for general deployment.
Tip
The maximum allowed runtime can be lowered from (default) 120 minutes to 60 minutes.
Add any additional requirements then select Next.
Under the Dependencies section, select Next.
Select Next until completion screen comes up, then Close.
Keep select Next until the completion of Application Wizard. Verify all have been green checked.
Close the wizard, right-click on the recently created application and deploy it to your down-level-server collection. Locally, the installation can be confirmed at Software Center. For details, check the CM logs at C:\Windows\CCM\Logs\AppEnforce.log.
Verify the status of the migration at MECM > Monitoring > Deployments.
Troubleshooting .ETL files will be created and automatically saved locally in each server at this location C:\Windows\ccmcache\#\. These files can be leveraged by support to troubleshoot onboarding issues.
Plan and execute an endpoint deployment strategy, using essential elements of modern management, co-management approaches, and Microsoft Intune integration.
Read this article to get an overview of how to migrate your servers from the previous, MMA-based solution to the current Defender for Endpoint unified solution package.