MDI-configurator v1.0 is out !

ByThomas Verheyden

A user-friendly graphical interface for managing Microsoft Defender for Identity (MDI) configurations using PowerShell.

This PowerShell script provides a comprehensive WPF-based GUI wrapper around the Microsoft Defender for Identity PowerShell module. It simplifies the configuration, testing, and management of MDI deployments through an intuitive interface, eliminating the need to remember complex PowerShell commands.

Download: v3rtho/MDI-configurator: Guidance scripts related to Defender For Identity: Prereqs, configuration etc

Features

🔧 Configuration Management

  • Set MDI configurations for Domain or LocalMachine mode
  • All (all configurations)
  • AdfsAuditing
  • AdRecycleBin
  • AdvancedAuditPolicyCAs
  • AdvancedAuditPolicyDCs
  • CAAuditing
  • ConfigurationContainerAuditing
  • EntraConnectAuditing
  • RemoteSAM
  • DomainObjectAuditing
  • NTLMAuditing
  • ProcessorPerformance

🧪 Testing & Validation

  • Test MDI configurations
  • Validate specific audit policies
  • Support for both Domain and LocalMachine testing modes

📊 Reporting

  • Generate comprehensive HTML configuration reports
  • Customizable output path
  • Automatic report opening option
  • Domain and LocalMachine report modes

🌐 Proxy Configuration

  • Configure MDI sensor proxy settings
  • Support for authenticated proxies
  • Get current proxy configuration
  • Clear proxy settings
  • Test sensor API connectivity

👤 Directory Service Account (DSA) Management

  • Create DSA accounts
  • Test DSA permissions and delegations
  • View current MDI configuration

🚀 Prerequisites

  • Operating System: Windows 10/11 or Windows Server 2016+
  • PowerShell: Version 5.1 or later
  • Module: DefenderForIdentity PowerShell module
  • Permissions: Administrator rights required for most operations

📦 Installation

1. Install the DefenderForIdentity Module

Open PowerShell as Administrator and run:

Install-Module -Name DefenderForIdentity -Force

2. Download the Script

Clone this repository or download the MDI-configurator.ps1

3. Execution Policy

Ensure your PowerShell execution policy allows script execution:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser

🎯 Usage

Running the Script

Option 1: From PowerShell

.\MDI-configurator.ps1

First-Time Setup

  1. The script will automatically check if the DefenderForIdentity module is installed
  2. If not found, it will prompt you with installation instructions
  3. After installing the module, restart the application

Similar Posts

Fix: SENSE Service stuck in START_PENDING on WS2012R2 or WS2016? Check OOBE !

ByThomas Verheyden

Intro This blog discusses a challenge I encountered with a client. They reached out for assistance in addressing issues during the deployment of Defender for Endpoint on Windows Server 2012 R2 and Windows Server 2016. Yes, despite being end-of-life (EOL), these operating systems are still in use. If you’re only interested in the solution, skip…

| |

Defender for Endpoint Migration: Troubleshooting Persistent Third-Party AV Registration

ByThomas Verheyden

Intro I recently assisted a costumer with migrating to Defender for Endpoint. They had some windows 10/11 endpoints where the 3rd party Antivirus (AV) kept registered as primary Antivirus which by default put Defender for Endpoint in disable state on Windows 10/11: Together with the Internal system engineers we tested multiple uninstall packages/scripts provided by…

|

Defender AV Mystery: Solving the ‘Source Files could Not be Found’

ByThomas Verheyden

Intro This week I bumped into a problem that I had not experienced for several years at one of my customers. The customer was migrating from a 3rd-party EDR to Defender for Endpoint on their servers. During the onboarding they wanted to enable the Defender Antivirus server role and they run against the following error:…

Defender for Endpoint for Linux: new capabilities and enhancements

ByThomas Verheyden

Intro Microsoft published this summer new capabilities and enhancements for Defender for Endpoint on linux. In my opinion Defender for Endpoint on linux is a lot of times overlooked and the new features are a very good improvement to the performance of Defender for Endpoint on linux which deserve more exposure. In this blog i…

|

Defender for Office 365: Visualisation of the Tenant Allow/Block List features

ByThomas Verheyden

During my work with customers, when I explain the tenant allow and block features in Microsoft Defender for Office 365 P1/P2, I often get the question: why did Microsoft make this so hard to understand? That comment gave me the idea to create a visual representation of the features to make them easier to understand….

The ultimate Defender XDR RBAC visualization

ByThomas Verheyden

Do you also struggle, like I do, to assign the correct permissions in Microsoft Defender XDR RBAC when designing your RBAC model? I recently created a visual overview of the current roles and their functions. It helped me a lot in understanding how to structure RBAC properly and I hope it can help you too!…

Leave a Reply