You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/linux-deploy-defender-for-endpoint-using-golden-images.md
+7-31Lines changed: 7 additions & 31 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -15,7 +15,7 @@ ms.collection:
15
15
ms.topic: install-set-up-deploy
16
16
ms.subservice: linux
17
17
search.appverid: met150
18
-
ms.date: 08/27/2025
18
+
ms.date: 08/28/2025
19
19
---
20
20
21
21
# Deploy Microsoft Defender for Endpoint on Linux using golden images (preview)
@@ -45,8 +45,6 @@ This guide walks you through:
45
45
46
46
- Install your preferred [supported Linux distribution](./mde-linux-prerequisites.md#supported-linux-distributions) and apply all necessary system updates.
47
47
48
-
- INSTALL REQUIRED DEPENDENCIES FOR MICROSOFT DEFENDER FOR ENDPOINT
49
-
50
48
1. Install Microsoft Defender for Endpoint
51
49
52
50
There are several methods and tools that you can use to deploy Microsoft Defender for Endpoint on Linux (applicable to AMD64 and ARM64 Linux servers):
@@ -79,45 +77,23 @@ This guide walks you through:
79
77
80
78
Before making a snapshot of the virtual machine, follow these steps to ensure that each clone has a unique machine identity:
81
79
82
-
### On-premises virtual machines
83
-
84
-
1. Inject a New SMBIOS UUID
85
-
86
-
-**KVM/libvirt**: Omit the \<uuid\> element in domain XML or set a fresh UUID using: uuidgen
87
-
88
-
-**VMware/Hyper-V**: Enable platform settings to generate a new BIOS GUID during clone or conversion.
89
-
90
-
1. Regenerate OS Machine ID
91
-
92
-
Run the following commands:
93
-
94
-
```
95
-
rm -f /etc/machine-id /var/lib/dbus/machine-id
96
-
systemd-machine-id-setup
97
-
dbus-uuidgen \--ensure=/var/lib/dbus/machine-id
98
-
```
99
-
100
-
1. Validate Metadata Post-Clone
101
-
102
-
After cloning, verify:
103
-
104
-
- CloudMetadata
80
+
### On-premises machines
105
81
106
-
- dmidecode
82
+
Follow these steps for the respective virtualization platforms:
107
83
108
-
- sysfs values
84
+
-**KVM/libvirt**: Omit the \<uuid\> element in domain XML or set a fresh UUID using: uuidgen
109
85
110
-
- Hardware GUID
86
+
-**VMware/Hyper-V**: Enable platform settings to generate a new BIOS GUID during clone or conversion.
111
87
112
-
If mismatched, update the MachineInfo and save all values back to the Microsoft Defender for Endpoint state file.
88
+
Ensure that the machines are configured to have a unique hardware UUID.
113
89
114
90
### Cloud virtual machines
115
91
116
92
Cloud platforms (for example, Azure, AWS, GCP) automatically inject unique metadata and identifiers via their instance metadata services (IMDS). No manual steps are required. Microsoft Defender for Endpoint automatically detects and uses these values to generate unique machine IDs.
117
93
118
94
## Hostname Management
119
95
120
-
HOSTNAMES ARE STORED PERSISTENTLY DURING INSTALLATION. IF YOU WISH TO CHANGE THE HOSTNAME, **RESTART THE SERVICE** TO ENSURE CONSISTENT IDENTIFIER UPDATES.
96
+
Hostname changes require a restart, as they are consistent while service is running.
0 commit comments