Skip to main content Link Menu Expand (external link) Document Search Copy Copied
Defender for Identity

Task 1.1: Configure the Azure environment for Microsoft Defender for Identity

  1. Open Microsoft Edge, and then go to https://github.com/OTRF/Microsoft-Sentinel2Go?tab=readme-ov-file.

  2. On the OTRF/Microsoft-Sentinel2Go page, under Grocery List-Deployment Option, select Microsoft Sentinel + Win10 + AD.

  3. On the Windows 10 + Windows Server (Domain Controller – Active Directory) page, select Deploy to Azure, then sign in using your Azure credentials.

  4. In the Custom deployment form, use the following information to deploy the VM resources, using the default for any value not specified:

    Item Value
    Resource group @lab.CloudResourceGroup(RG1).Name
    Workspace Name Use a unique name
    Admin Username MSAdmin32
    Admin Password Passw0rd12!@
    Number of workstations 2
    Vm Name Prefix WIN
    Windows Desktop SKU win11-22h2-pro
    Windows Server SKU 2022-datacenter
    VM Size Standard_B4ms
    Domain FQDN MSMDI.local
    Allowed IP Addresses Your public IP

    To obtain your public IP, you can open a new browser tab and serach for Whats my IP

  5. Select Review + create and then, after validation, select Create.

    The deployment process will take approximately 15 minutes. You must wait for the deployment to finish. You can safely ignore the deployMSSentinel2Go Conflict error message. If you receive any conflict errors during the deployment, you’ll likely receive an error that the deployment failed. You can safely ignore the error as it isn’t related to the resources used in the lab.