Support for Microsoft Defender on on premise Active Directory domain controllers

Question

hi - can you tell us if Microsoft supports or partially supports or does not support Microsoft Defender for Servers/Cloud going onto on premise domain controllers?

If there are any special caveants please provide links

Answer 1

Hi,

Any on-premises server for which the OS is supported by Azure Arc is also supported for Defender for Servers. You will need to onboard those servers to Azure Arc. Microsoft Defender for servers does not distinguish specifically if the server is domain controller or not.

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Answer 2

Yes, this is supported. Considerations are: 1. Ensure least access privileges to live response. https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/live-response?view=o365-worldwide.

Answer 3

Hello Tom,

Yes, Defender for Cloud (Defender for Servers) supports on-premises Domain Controllers. You can onboard them via Direct Onboarding or via Azure Arc.

See the links below for more info:

Direct Onboarding: https://learn.microsoft.com/en-us/azure/defender-for-cloud/onboard-machines-with-defender-for-endpoint#enabling-direct-onboarding

Azure Arc: https://learn.microsoft.com/en-us/azure/defender-for-cloud/quickstart-onboard-machines

Supported OSes: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/minimum-requirements?view=o365-worldwide#supported-windows-versions

As far as caveats go, not really. Unless you're onboarding an older OS like Windows 2008 R2 where another agent (MMA Agent) may be required.