Team: Huntress Managed Endpoint Detection and Response (EDR)
Product: Huntress Managed Antivirus
Environment: Huntress Dashboard
Summary: Why Exclusions show as Non-Compliant
If an exclusion is showing as Non-Compliant there are a few things this can mean.
- The exclusion is set in the Huntress portal at the account/org/machine level and isn't on that endpoint. So, either the endpoint:
- Didn't get the Policy
- is in audit mode (and thus didn't get the policy)
- There are exclusions already set locally on the machine (KB on resetting Defender to defaults). Possible sources of conflict:
- Domain Group Policy
- Local Group Policy
- Windows Security Center GUI
- PowerShell
- RMM
- There is a 3rd party AV that is interfering. KB on troubleshooting removal of 3rd party AV
- The machine is domain joined but unable to reach a domain controller (this is a Microsoft limitation on GPO's) You can test the connectivity with the following admin-level PoSh command:
Test-ComputerSecureChannel -Verbose