Tenant-based Microsoft Defender for Cloud (Preview) installs but does not exist

Question

Tenant-based Microsoft Defender for Cloud (Preview) installs but does not exist

fujiant opened this issue 5 months ago · comments

Describe the bug
I have deployed a Sentinel all in one deployment that installed and connected the legacy Defender for Cloud subscription based connector. I tried to install the latest Defender for Cloud solution from Content Hub, but the install ended up in an error because the legacy connector already existed. I removed the legacy connector and tried a reinstall from Content Hub and it seemingly worked, but I get an error that says "Data Connector Not Found - The data connector that corresponds to the data type MicrosoftDefenderForCloudTenantBased could not be found" when I try to open the data connector page for the tenant-based preview connector.

I uninstalled the solution and its components from Content Hub blade, and also deleted all Defender for Cloud connectors from Data Connector blade, and then proceeded to install again from Content Hub. The issue still remains, I get an error "Data Connector Not Found - The data connector that corresponds to the data type MicrosoftDefenderForCloudTenantBased could not be found" when trying to access the data connector page of the tenant based connector.

The legacy data connector seems to work without issues while the tenant based does not.

To Reproduce
Steps to reproduce the behavior:

Deploy a sentinel all in one build that enables the subscription based legacy data connector for Defender for Cloud
Try to install Defender for Cloud solution from Content Hub, ends up in error
Disconnect and delete Defender for Cloud legacy connector
Try to reinstall from Content Hub
Both Preview and Legacy connector show up in the Data Connectors blade of Sentinel
Accessing the Preview Connector page results in an error
Deleting the data connectors and deleting from Content Hub and starting over do not fix this.

Expected behavior
Data Connector page for the Tenant based preview connector accessible in the Sentinel UI.

Screenshots
If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

OS: Windows 10
Browser Chrome
Version Latest

v-sudkharat · Answer 1 · Fri May 17 2024 20:25:19 GMT+0800 (China Standard Time)

Hi @fujiant, Thanks for flagging this issue, we will investigate this issue and get back to you with some updates by 28-05-2024 Thanks!

v-sudkharat · Answer 2 · Tue May 21 2024 15:46:37 GMT+0800 (China Standard Time)

Hi @fujiant, could you please try it once using custom deploy the Solution MainTemplate and check whether your issue get resolved.
Sharing the MainTemplate and Custom deployment steps-

Custom Deployment - Custom Deployment of the Solution - Copy.docx

Main template: - mainTemplate.json

Thanks!

Antti Järvinen · Answer 3 · Tue May 21 2024 16:42:09 GMT+0800 (China Standard Time)

I checked the situation today and for some reason it now works. I have done nothing on my end apart from leaving it as is. Seems that there was some sort of an Azure backend delay?

v-sudkharat · Answer 4 · Tue May 21 2024 17:37:28 GMT+0800 (China Standard Time)

@fujiant, Maybe the solution does not get install/delete properly into the workspace.
As your issue has resolved, closing this issue. If you still need support for this issue, feel free to re-open it any time. Thank you for your co-operation.