Installing Microsoft Defender for Endpoint on Red Hat 7/8
Last modified 8/1/2022
This guide will walk you through installing Defender for Endpoint on Linux using Red Hat 7 or 8.
Before you Begin
Most of the steps outlined below can be found on Microsoft Docs here - https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/linux-install-manually
You will need an onboarding package file called "WindowsDefenderATPOnboardingPackage.zip". Please submit a ticket to "AT CCA" asking for a copy of this .zip.
Installing Defender for Endpoint
Prerequisites
Install yum-utils if it isn't installed yet:
sudo yum install yum-utils
Add the following repos for yum to use:
RHEL 8
sudo yum-config-manager --add-repo=https://packages.microsoft.com/config/rhel/8/prod.repo
RHEL 7
sudo yum-config-manager --add-repo=https://packages.microsoft.com/config/rhel/7.2/prod.repo
Install the Microsoft GPG public key, fetching it over HTTPS so the key that yum will trust cannot be altered in transit:
sudo rpm --import https://packages.microsoft.com/keys/microsoft.asc
Installation
Install Defender using yum:
sudo yum install mdatp
Copy over WindowsDefenderATPOnboardingPackage.zip and extract it:
unzip WindowsDefenderATPOnboardingPackage.zip
Run the following Python script:
RHEL 8
sudo python3 MicrosoftDefenderATPOnboardingLinuxServer.py
RHEL 7
sudo python MicrosoftDefenderATPOnboardingLinuxServer.py
Verify Installation
Verify that the device is now reporting an organization identifier:
mdatp health --field org_id
Check the health status of the product by running the following command. A return value of 1 denotes that the product is functioning as expected:
mdatp health --field healthy
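The two verification commands above can be combined into one scripted gate for use after provisioning. This is an added example, not part of the original guide or of Microsoft's tooling; the function names and the MDATP_BIN override are hypothetical, and accepting "true" as well as 1 for the healthy field is an assumption to cover agent builds that print a boolean.

```shell
#!/bin/sh
# Added example: post-install gate built on the two "mdatp health" checks.
# MDATP_BIN is a hypothetical override so the logic can be tested without the agent.
MDATP_BIN="${MDATP_BIN:-mdatp}"

# Print one health field with surrounding quotes and whitespace stripped.
# A missing binary or an error yields empty output.
mdatp_field() {
    "$MDATP_BIN" health --field "$1" 2>/dev/null | tr -d '"[:space:]'
}

# Onboarded: org_id must be a non-empty value.
mdatp_is_onboarded() {
    [ -n "$(mdatp_field org_id)" ]
}

# Healthy: the guide expects 1; "true" is accepted as an assumption (see lead-in).
mdatp_is_healthy() {
    case "$(mdatp_field healthy)" in
        1|true) return 0 ;;
        *)      return 1 ;;
    esac
}

# Combined gate. Exit status:
#   0 = onboarded and healthy
#   1 = no org_id (onboarding script did not take effect, or agent missing)
#   2 = onboarded but the agent reports unhealthy
mdatp_verify() {
    mdatp_is_onboarded || { echo "mdatp: no org_id reported" >&2; return 1; }
    mdatp_is_healthy   || { echo "mdatp: agent reports unhealthy" >&2; return 2; }
    echo "mdatp: onboarded and healthy"
}
```

Call mdatp_verify at the end of a provisioning script and fail the run on a non-zero status, so a host that installed the package but never onboarded is not counted as protected.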