Download the Microsoft Defender for Identity classic sensor

This article describes how to download the Microsoft Defender for Identity classic sensor for your domain controllers or Active Directory Federation Services (AD FS), Active Directory Certificate Services (AD CS), and Microsoft Entra Connect servers.

Add a sensor and download sensor software

1. In Microsoft Defender XDR, go to System > Settings > Identities.

2. Select the Sensors tab, which displays all of your Defender for Identity sensors. For example:

   

3. Select Add sensor. In the Add a new sensor pane, select Continue with classic sensor, and save the installation package locally. The downloaded zip file includes the following files:

   • The Defender for Identity sensor installer

   • The configuration setting file with the required information to connect to the Defender for Identity cloud service

   • Npcap OEM version 1.0, automatically installed during the sensor installation

   

4. In the Add a new sensor pane, copy the Access key value and save it to a secured location. This access key is a one-time password for use when deploying the sensor, after which communication is performed using certificates for authentication and TLS encryption.

   Tip

   We recommend regenerating the access key using the Regenerate key button regularly. It won't affect any previously deployed sensors, because it's only used for initial registration of the sensor.

5. Copy the downloaded installation package to the dedicated server or domain controller where you're installing the Defender for Identity sensor.

   Note

   To download the installation package behind a firewall or proxy server, make sure you allow network traffic to the following FQDN through TCP/443.

   sensorpackage-prd.mdi.securitycenter.microsoft.com

Next step

• Install the Microsoft Defender for Identity sensor »