Microsoft Defender for Identity
The Defender for Identity documentation details how to manually set up the required configurations. However, manual configuration can be error-prone, time-consuming, and difficult to manage in a complex, multi-domain environment. For example:
- Adding auditing on read property actions adds unnecessary load on the domain controllers
- Defender for Identity can have blind spots if you don't register the proper events
The Defender for Identity PowerShell module solves these issues by helping to automate the configuration processes for domains, domain controllers, and other sensor servers.
Installing the DefenderForIdentity module
- This module requires Windows PowerShell 5.1 or PowerShell 7.4 or later. This prerequisite isn't checked by the installation.
- To install the module from the PowerShell Gallery, use the following command:
Install-Module -Name DefenderForIdentity
To use the DefenderForIdentity module with PowerShell 7.4 or later, first run the following command to import the GroupPolicy module:
Import-Module -Name GroupPolicy -SkipEditionCheck
Related content
For more information, see the DefenderForIdentity reference.