TenaciousZ
New member
- Jan 7, 2025
- 1
Hello Sysnative friends 
Got the official go-ahead from management to reach out to y'all.
I'm out of ideas, so I'm hoping that going through the motions with someone here will produce better results. We have many servers in our fleet, and we've been changing over from TrendMicro's business solution for AntiVirus to Defender, having recently migrated everything to Azure Cloud. All of the servers save for two of them took Defender's cloud version onboarding normally, but those two others didn't agree with it for whatever reason. I managed to (seemingly magically) get one of the two to take it after some DISM/SFC work, plus a reboot thrown in for good measure. But this last one, an application server in our Production environment, is proving to be incredibly stubborn surrounding that software's deployment. I have thrown the book at it, and I have another node that works with this server, which took Defender just fine on the first try mind you, so I don't understand why this replica is being so anti-Defender...
I have tried running the onboarding script MS provides manually, but I get errors each time. I've tried running all the DISM-based commands, even in tandem with an ISO (two different ones for 2019, same result), but it keeps reporting to me that it's unable to locate an assembly that it needs. DISM's "ScanHealth" option tells me that the component store is repairable, but then a subsquent "RestoreHealth" command doesn't seem to be able to address that. I tried running the MSI (that comes with the MS Defender for Azure onboarding package) manually, and it keeps telling me I need to update Defender first (referencing KB4052623) to the latest version. It's not installed though, as best as I can tell. I did try moving some files over from the other node that supports the application with this problem server, but that didn't work out and led to me undoing those actions. I figure worst-case scenario, I could perhaps try that process again if I must
I think the only thing I have not done surrounding this, is involve MS Support.
My issue seems nearly identical to this article that I found: Windows Defender Install – ERROR_SXS_ASSEMBLY_MISSING
I followed their recommended steps from start to finish, and I opted to manually address the packages listed in the script (as it appears one of your recommended scans/tools aims to address) to reset their status and hopefully kick it into gear, but nope; unfortunately for me, no dice there.
What led me here was another post that seems to also be exactly what I'm running into (or close to it, I guess), which is this one: [SOLVED] - Windows Server 2019 x64 - cannot enable Defender feature
Unfortunately, for me, the logs produced by the scanning tools y'all recommend appear to be clean, given the work I did in relation to the manual corrections to the registry related to that first link I posted above.
That mostly covers it, though I'm sure I'm failing to include many things I've done to address this, and I'm happy to provide any additional information, in the way of logs/etc., as needed. Any help tailored specifically to this problem-child of a server I have here is greatly appreciated in advance! Hopefully I can get past this with your help, and I look forward to working with someone!
Got the official go-ahead from management to reach out to y'all.I'm out of ideas, so I'm hoping that going through the motions with someone here will produce better results. We have many servers in our fleet, and we've been changing over from TrendMicro's business solution for AntiVirus to Defender, having recently migrated everything to Azure Cloud. All of the servers save for two of them took Defender's cloud version onboarding normally, but those two others didn't agree with it for whatever reason. I managed to (seemingly magically) get one of the two to take it after some DISM/SFC work, plus a reboot thrown in for good measure. But this last one, an application server in our Production environment, is proving to be incredibly stubborn surrounding that software's deployment. I have thrown the book at it, and I have another node that works with this server, which took Defender just fine on the first try mind you, so I don't understand why this replica is being so anti-Defender...
I have tried running the onboarding script MS provides manually, but I get errors each time. I've tried running all the DISM-based commands, even in tandem with an ISO (two different ones for 2019, same result), but it keeps reporting to me that it's unable to locate an assembly that it needs. DISM's "ScanHealth" option tells me that the component store is repairable, but then a subsquent "RestoreHealth" command doesn't seem to be able to address that. I tried running the MSI (that comes with the MS Defender for Azure onboarding package) manually, and it keeps telling me I need to update Defender first (referencing KB4052623) to the latest version. It's not installed though, as best as I can tell. I did try moving some files over from the other node that supports the application with this problem server, but that didn't work out and led to me undoing those actions. I figure worst-case scenario, I could perhaps try that process again if I must
I think the only thing I have not done surrounding this, is involve MS Support.
My issue seems nearly identical to this article that I found: Windows Defender Install – ERROR_SXS_ASSEMBLY_MISSING
I followed their recommended steps from start to finish, and I opted to manually address the packages listed in the script (as it appears one of your recommended scans/tools aims to address) to reset their status and hopefully kick it into gear, but nope; unfortunately for me, no dice there.
What led me here was another post that seems to also be exactly what I'm running into (or close to it, I guess), which is this one: [SOLVED] - Windows Server 2019 x64 - cannot enable Defender feature
Unfortunately, for me, the logs produced by the scanning tools y'all recommend appear to be clean, given the work I did in relation to the manual corrections to the registry related to that first link I posted above.
That mostly covers it, though I'm sure I'm failing to include many things I've done to address this, and I'm happy to provide any additional information, in the way of logs/etc., as needed. Any help tailored specifically to this problem-child of a server I have here is greatly appreciated in advance! Hopefully I can get past this with your help, and I look forward to working with someone!
