Update linux-install-with-ansible.md

denisebmsft · denisebmsft · commit c90fa9472b0e · 2024-12-24T11:15:26.000-08:00
diff --git a/defender-endpoint/linux-install-with-ansible.md b/defender-endpoint/linux-install-with-ansible.md
@@ -223,7 +223,7 @@ ansible-playbook -i  /etc/ansible/hosts /etc/ansible/playbooks/install_mdatp.yml
 
 ### How to uninstall Microsoft Defender for Endpoint on Linux Servers
 
-Create uninstallation YAML file (for example: /etc/ansible/playbooks/uninstall_mdatp.yml) which uses mde_installer.sh. You can also download the file directly from [GitHub](/defender-endpoint/linux-support-events)
+First, create an uninstallation YAML file (for example: /etc/ansible/playbooks/uninstall_mdatp.yml) which uses `mde_installer.sh`. You can also download the file directly from [GitHub](/defender-endpoint/linux-support-events)
 
 ```bash
 
@@ -261,188 +261,191 @@ Follow the steps in this section after downloading the onboarding package and me
 
 Create a subtask or role files that contribute to a playbook or task.
 
-- Create the onboarding task, `onboarding_setup.yml`:
+1. Create the onboarding task, `onboarding_setup.yml`:
 
-    ```bash
-    - name: Create MDATP directories
-      file:
-        path: /etc/opt/microsoft/mdatp/
-        recurse: true
-        state: directory
-        mode: 0755
-        owner: root
-        group: root
-
-    - name: Register mdatp_onboard.json
-      stat:
-        path: /etc/opt/microsoft/mdatp/mdatp_onboard.json
-      register: mdatp_onboard
-
-    - name: Extract WindowsDefenderATPOnboardingPackage.zip into /etc/opt/microsoft/mdatp
-      unarchive:
-        src: WindowsDefenderATPOnboardingPackage.zip
-        dest: /etc/opt/microsoft/mdatp
-        mode: 0600
-        owner: root
-        group: root
-      when: not mdatp_onboard.stat.exists
-    ```
+   ```bash
+   - name: Create MDATP directories
+     file:
+       path: /etc/opt/microsoft/mdatp/
+       recurse: true
+       state: directory
+       mode: 0755
+       owner: root
+       group: root
+
+   - name: Register mdatp_onboard.json
+     stat:
+       path: /etc/opt/microsoft/mdatp/mdatp_onboard.json
+     register: mdatp_onboard
+
+   - name: Extract WindowsDefenderATPOnboardingPackage.zip into /etc/opt/microsoft/mdatp
+     unarchive:
+       src: WindowsDefenderATPOnboardingPackage.zip
+       dest: /etc/opt/microsoft/mdatp
+       mode: 0600
+       owner: root
+       group: root
+     when: not mdatp_onboard.stat.exists
+   ```
+
+2. Add the Defender for Endpoint repository and the key, `add_apt_repo.yml`. Defender for Endpoint on Linux can be deployed from one of the following channels:
+
+   - *insiders-fast*, denoted as `[channel]`
+    *insiders-slow*, denoted as `[channel]`
+   - *prod*, denoted as `[channel]` using the version name (see [Linux Software Repository for Microsoft Products](/linux/packages))
+
+   Each channel corresponds to a Linux software repository.
 
-- Add the Defender for Endpoint repository and key, `add_apt_repo.yml`:
-
-    Defender for Endpoint on Linux can be deployed from one of the following channels:
-    - *insiders-fast*, denoted as `[channel]`
-    - *insiders-slow*, denoted as `[channel]`
-    - *prod*, denoted as `[channel]` using the version name (see [Linux Software Repository for Microsoft Products](/linux/packages))
-
-    Each channel corresponds to a Linux software repository.
-
-    The choice of the channel determines the type and frequency of updates that are offered to your device. Devices in *insiders-fast* are the first ones to receive updates and new features, followed later by *insiders-slow*, and lastly by *prod*.
-
-
-    In order to preview new features and provide early feedback, it's recommended that you configure some devices in your enterprise to use either *insiders-fast* or *insiders-slow*.
-
-    > [!WARNING]
-    > Switching the channel after the initial installation requires the product to be reinstalled. To switch the product channel: uninstall the existing package, re-configure your device to use the new channel, and follow the steps in this document to install the package from the new location.
-
-    Note your distribution and version and identify the closest entry for it under `https://packages.microsoft.com/config/[distro]/`.
-
-    In the following commands, replace *[distro]* and *[version]* with the information you've identified.
-
-    > [!NOTE]
-    > In case of Oracle Linux and Amazon Linux 2, replace *[distro]* with "rhel". For Amazon Linux 2, replace *[version]* with "7". For Oracle Linux, replace *[version]* with the version of Oracle Linux.
-
-  ```bash
-  - name: Add Microsoft APT key
-    apt_key:
-      url: https://packages.microsoft.com/keys/microsoft.asc
-      state: present
-    when: ansible_os_family == "Debian"
-
-  - name: Add Microsoft apt repository for MDATP
-    apt_repository:
-      repo: deb [arch=arm64,armhf,amd64] https://packages.microsoft.com/[distro]/[version]/prod [codename] main
-      update_cache: yes
-      state: present
-      filename: microsoft-[channel]
-    when: ansible_os_family == "Debian"
-
-  - name: Add Microsoft DNF/YUM key
-    rpm_key:
-      state: present
-      key: https://packages.microsoft.com/keys/microsoft.asc
-    when: ansible_os_family == "RedHat"
-
-  - name: Add  Microsoft yum repository for MDATP
-    yum_repository:
-      name: packages-microsoft-[channel]
-      description: Microsoft Defender for Endpoint
-      file: microsoft-[channel]
-      baseurl: https://packages.microsoft.com/[distro]/[version]/[channel]/ 
-      gpgcheck: yes
-      enabled: Yes
-    when: ansible_os_family == "RedHat"
-  ```
-
-- Create the Ansible install and uninstall YAML files.
-
-    - For apt-based distributions, use the following YAML file:
-
-        ```bash
-        cat install_mdatp.yml
-        ```
-        ```Output
-        - hosts: servers
-          tasks:
-            - name: include onboarding tasks
-              import_tasks:
-                file: ../roles/onboarding_setup.yml
-            - name: add apt repository
-              import_tasks:
-                file: ../roles/add_apt_repo.yml
-            - name: Install MDATP
-              apt:
-                name: mdatp
-                state: latest
-                update_cache: yes
-        ```
-
-        ```bash
-        cat uninstall_mdatp.yml
-        ```
-        ```Output
-        - hosts: servers
-          tasks:
-            - name: Uninstall MDATP
-              apt:
-                name: mdatp
-                state: absent
-        ```
-
-    - For dnf-based distributions, use the following YAML file:
-
-        ```bash
-        cat install_mdatp_dnf.yml
-        ```
-        ```Output
-        - hosts: servers
-          tasks:
-            - name: include onboarding tasks
-              import_tasks:
-                file: ../roles/onboarding_setup.yml
-            - name: add apt repository
-              import_tasks:
-                file: ../roles/add_yum_repo.yml
-            - name: Install MDATP
-              dnf:
-                name: mdatp
-                state: latest
-                enablerepo: packages-microsoft-[channel]
-        ```
-
-        ```bash
-        cat uninstall_mdatp_dnf.yml
-        ```
-        ```Output
-        - hosts: servers
-          tasks:
-            - name: Uninstall MDATP
-              dnf:
-                name: mdatp
-                state: absent
-        ```
+   The choice of the channel determines the type and frequency of updates that are offered to your device. Devices in *insiders-fast* are the first ones to receive updates and new features, followed later by *insiders-slow*, and lastly by *prod*.
+
+   In order to preview new features and provide early feedback, it's recommended that you configure some devices in your enterprise to use either *insiders-fast* or *insiders-slow*.
+
+   > [!WARNING]
+   > Switching the channel after the initial installation requires the product to be reinstalled. To switch the product channel: uninstall the existing package, re-configure your device to use the new channel, and follow the steps in this document to install the package from the new location.
+
+3. Note your distribution and version and identify the closest entry for it under `https://packages.microsoft.com/config/[distro]/`.
+
+4. In the following commands, replace *[distro]* and *[version]* with the information you've identified.
+
+   > [!NOTE]
+   > In case of Oracle Linux and Amazon Linux 2, replace *[distro]* with "rhel". For Amazon Linux 2, replace *[version]* with "7". For Oracle Linux, replace *[version]* with the version of Oracle Linux.
+
+   ```bash
+   - name: Add Microsoft APT key
+     apt_key:
+       url: https://packages.microsoft.com/keys/microsoft.asc
+       state: present
+     when: ansible_os_family == "Debian"
+
+   - name: Add Microsoft apt repository for MDATP
+     apt_repository:
+       repo: deb [arch=arm64,armhf,amd64] https://packages.microsoft.com/[distro]/[version]/prod [codename] main
+       update_cache: yes
+       state: present
+       filename: microsoft-[channel]
+     when: ansible_os_family == "Debian"
+
+   - name: Add Microsoft DNF/YUM key
+     rpm_key:
+       state: present
+       key: https://packages.microsoft.com/keys/microsoft.asc
+     when: ansible_os_family == "RedHat"
+
+   - name: Add  Microsoft yum repository for MDATP
+     yum_repository:
+       name: packages-microsoft-[channel]
+       description: Microsoft Defender for Endpoint
+       file: microsoft-[channel]
+       baseurl: https://packages.microsoft.com/[distro]/[version]/[channel]/ 
+       gpgcheck: yes
+       enabled: Yes
+     when: ansible_os_family == "RedHat"
+   ```
+
+5. Create the Ansible install and uninstall YAML files.
+
+   - For apt-based distributions, use the following YAML file:
+
+      ```bash
+      cat install_mdatp.yml
+      ```
+      
+      ```Output
+      - hosts: servers
+        tasks:
+          - name: include onboarding tasks
+            import_tasks:
+              file: ../roles/onboarding_setup.yml
+          - name: add apt repository
+            import_tasks:
+              file: ../roles/add_apt_repo.yml
+          - name: Install MDATP
+            apt:
+              name: mdatp
+              state: latest
+              update_cache: yes
+      ```
+
+      ```bash
+      cat uninstall_mdatp.yml
+      ```
+      
+      ```Output
+      - hosts: servers
+        tasks:
+          - name: Uninstall MDATP
+            apt:
+              name: mdatp
+              state: absent
+      ```
+
+   - For dnf-based distributions, use the following YAML file:
+
+      ```bash
+      cat install_mdatp_dnf.yml
+      ```
+      
+      ```Output
+      - hosts: servers
+        tasks:
+          - name: include onboarding tasks
+            import_tasks:
+              file: ../roles/onboarding_setup.yml
+          - name: add apt repository
+            import_tasks:
+              file: ../roles/add_yum_repo.yml
+          - name: Install MDATP
+            dnf:
+              name: mdatp
+              state: latest
+              enablerepo: packages-microsoft-[channel]
+      ```
+
+      ```bash
+      cat uninstall_mdatp_dnf.yml
+      ```
+      
+      ```Output
+      - hosts: servers
+        tasks:
+          - name: Uninstall MDATP
+            dnf:
+              name: mdatp
+              state: absent
+      ```
 
 ## Apply the playbook
 
 In this step, you apply the playbook. Run the tasks files under `/etc/ansible/playbooks/` or relevant directory.
 
-- Installation:
+1. Installation:
 
-  ```bash
-  ansible-playbook /etc/ansible/playbooks/install_mdatp.yml -i /etc/ansible/hosts
-  ```
+   ```bash
+   ansible-playbook /etc/ansible/playbooks/install_mdatp.yml -i /etc/ansible/hosts
+   ```
 
-  > [!IMPORTANT]
-  > When the product starts for the first time, it downloads the latest antimalware definitions. Depending on your Internet connection, this can take up to a few minutes.
+   > [!IMPORTANT]
+   > When the product starts for the first time, it downloads the latest antimalware definitions. Depending on your Internet connection, this can take up to a few minutes.
 
-- Validation/configuration:
+2. Validation/configuration:
 
-  ```bash
-  ansible -m shell -a 'mdatp connectivity test' all
-  ```
-  ```bash
-  ansible -m shell -a 'mdatp health' all
-  ```
+   ```bash
+   ansible -m shell -a 'mdatp connectivity test' all
+   ```
+  
+   ```bash
+   ansible -m shell -a 'mdatp health' all
+   ```
 
-- Uninstallation:
+3. Uninstallation:
 
-  ```bash
-  ansible-playbook /etc/ansible/playbooks/uninstall_mdatp.yml -i /etc/ansible/hosts
-  ```
+   ```bash
+   ansible-playbook /etc/ansible/playbooks/uninstall_mdatp.yml -i /etc/ansible/hosts
+   ```
 
 ## Troubleshoot installation issues
 
-For self-troubleshooting, do the following
+For self-troubleshooting, follow these steps:
 
 1. For information on how to find the log that's generated automatically when an installation error occurs, see [Log installation issues](linux-resources.md#log-installation-issues).
 
@@ -470,13 +473,9 @@ When upgrading your operating system to a new major version, you must first unin
 ## See also
 
 - [Add or remove YUM repositories](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/yum_repository_module.html)
-
 - [Manage packages with the dnf package manager](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/dnf_module.html)
-
 - [Add and remove APT repositories](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/apt_repository_module.html)
-
 - [Manage apt-packages](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/apt_module.html)
-
 - [Missing event issues](/defender-endpoint/linux-support-events)
 
 [!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
