Skip to content

Onboarding Linux servers with Microsoft Defender for Endpoint

Jump to bottom
Matt Novitsch edited this page May 15, 2024 · 9 revisions

  1. Now we need to download the onboarding script to your workstation from Defender XDR:
    Navigate to https://security.microsoft.com/

  2. Navigate to Settings > Endpoints > Onboarding

  3. Select Linux Servers and then Download onboarding package. image

  4. Unzip the file and remember its location. image

  5. Open an Administrative PowerShell.

  6. We will use the SCP command to upload the py script to the Linux Server:
    scp -P 22 .\MicrosoftDefenderATPOnboardingLinuxServer.py <username>@<IP Address or servername>:/home/<username>/Desktop/
    • It should prompt you for your password.
    image

  7. Check and/or Install Python.
    python --version
    sudo dnf install python3

  8. Install MDE
    sudo yum install mdatp

  9. Change directory to the location where you placed the onboarding package.
    cd Desktop

  10. Run the python script to create the onboarding package.
    sudo python MicrosoftDefenderATPOnboardingLinuxServer.py

  11. Check the MDE client is pointing to your tenant:
    mdatp health --field org_id

  12. You should see your OrgID returned, if you do then you are complete. It should show up in the console within 15 minutes to a couple of hours(mine were both in 15 minutes).

Clone this wiki locally