Description:
You are trying to install Microsoft Defender for Identity sensor on a Domain Controller. The Domain Controller need to use proxy to communicate to the internet. You've enter the correct proxy setting on the Domain Controller system setting. And you've make sure the required communication port (443) are already open from Domain Controller to *.atp.azure.com. However you still got stop error 0x80070643.
Resolution:
Configure the proxy setting using registry. You must copy the proxy configuration that you use in user context to the localsystem and localservice. To copy your user context proxy settings:
Make sure to back up the registry keys before you modify them.
In the registry, search for the value
DefaultConnectionSettings
as REG_BINARY under the registry keyHKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings. Export all the value inside the Connections key
.Open the exported file and edit the location to become
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
. Save the first copy of the file.Double click the new file to import the value from the Current_user
DefaultConnectionSettings
to LocalSystem.After that, open the exported file and edit the location to become
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
. Save the second copy of the file.Double click the second file to import value from the Current_User
DefaultConnectionSettings
to LocalService.Close the registry editor.