Merged PR 4861: Merge atp-troubleshoot-server to master

windows/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md

@@ -40,6 +40,7 @@ To onboard your servers to Windows Defender ATP, you’ll need to:
 >[!TIP]
 > After onboarding the endpoint, you can choose to run a detection test to verify that an endpoint is properly onboarded to the service. For more information, see [Run a detection test on a newly onboarded Windows Defender ATP endpoint](run-detection-test-windows-defender-advanced-threat-protection.md).
 
+
 ### Turn on Server monitoring from the Windows Defender Security Center portal
 
 1. In the navigation pane, select **Endpoint management** > **Servers**. 
@@ -48,7 +49,7 @@ To onboard your servers to Windows Defender ATP, you’ll need to:
 
     ![Image of server onboarding](images/atp-server-onboarding.png)
 
-
+<span id="server-mma"/>
 ### Install and configure Microsoft Monitoring Agent (MMA) to report sensor data to Windows Defender ATP 
 
 1.	Download the agent setup file: [Windows 64-bit agent](https://go.microsoft.com/fwlink/?LinkId=828603).
@@ -62,6 +63,7 @@ To onboard your servers to Windows Defender ATP, you’ll need to:
 
 Once completed, you should see onboarded servers in the portal within an hour.
 
+<span id="server-proxy"/>
 ### Configure server endpoint proxy and Internet connectivity settings 
 - Each Windows server must be able to connect to the Internet using HTTPS. This connection can be direct, using a proxy, or through the [OMS Gateway](https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-oms-gateway).
 - If a proxy or firewall is blocking all traffic by default and allowing only specific domains through or HTTPS scanning (SSL inspection) is enabled, make sure that the following URLs are white-listed to permit communication with Windows Defender ATP service:

windows/threat-protection/windows-defender-atp/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md

@@ -17,11 +17,9 @@ ms.date: 11/21/2017
 
 **Applies to:**
 
-- Windows 10 Enterprise
-- Windows 10 Education
-- Windows 10 Pro
-- Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
+- Windows Server 2012 R2
+- Windows Server 2016
 
 
 
@@ -265,6 +263,31 @@ If the verification fails and your environment is using a proxy to connect to th
 
     ![Image of registry key for Windows Defender Antivirus](images/atp-disableantispyware-regkey.png)
 
+
+## Troubleshoot onboarding issues on a server
+If you encounter issues while onboarding a server, go through the following verification steps to address possible issues.
+
+- [Ensure Microsoft Monitoring Agent (MMA) is installed and configured to report sensor data to the service](configure-server-endpoints-windows-defender-advanced-threat-protection.md#server-mma)
+- [Ensure that the server endpoint proxy and Internet connectivity settings are configured properly](configure-server-endpoints-windows-defender-advanced-threat-protection.md#server-proxy)
+
+You might also need to check the following:
+- Check that there is a Windows Defender Advanced Threat Protection Service running in the **Processes** tab in **Task Manager**. For example:
+
+    ![Image of process view with Windows Defender Advanced Threat Protection Service running](images/atp-task-manager.png)
+
+- Check **Event Viewer** > **Applications and Services Logs** > **Operation Manager** to see if there are any errors.
+
+- In **Services**, check if the **Microsoft Monitoring Agent** is running on the server. For example, 
+
+    ![Image of Services](images/atp-services.png)
+
+- In **Microsoft Monitoring Agent** > **Azure Log Analytics (OMS)**, check the Workspaces and verify that the status is running. 
+
+    ![Image of Microsoft Monitoring Agent Properties](images/atp-mma-properties.png)
+
+- Check to see that machines are reflected in the **Machines list** in the portal. 
+
+
 ## Licensing requirements
 Windows Defender Advanced Threat Protection requires one of the following Microsoft Volume Licensing offers: