Official information from Microsoft
Microsoft Entra Connect Health agents are not officially supported on Windows Core servers.
Windows Server Core doesn't support installing the Microsoft Entra Connect Health agent.
source : https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/how-to-connect-health-agent-install
Entra Connect Health for ADDS and DC in Server Core - workaround
To minimize the attack surface, many domain controllers are now in Server Core Edition.
The Entra Connect for ADDS agent health installs without issues, but running Register-MicrosoftEntraConnectHealthAgent esults in an error message.
To fix this issue, install the compatibility pack.
# Enable TLS1.2 in the current PowerShell session
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
# Install compatibility pack
Add-WindowsCapability -Online -Name ServerCore.AppCompatibility~~~~0.0.1.0(If the previous command failed, try one more time).
Restart the server.
The Register-MicrosoftEntraConnectHealthAgent command will succeed.
You can now run the Register-MicrosoftEntraConnectHealthAgent command without any problem. Your DC will now appear in Entra ID Connect Health.
Previous Post
KQL query examples for Microsoft Entra ID with Log Analytics (updated June 2025)
Next Post
Entra Connect health for ADDS sur serveur Core
Comments