Team:Huntress EDR
Product: Managed Antivirus
Environment:Huntress Dashboard
Summary: Why Exclusions show as Non-Compliant
If an exclusion is showing as Non-Compliant there are a few things this can mean.
- The exclusion is set in the Huntress portal at the account/org/machine level and isn't on that host. So, either the host:
- Didn't get the Policy
- is in audit mode (and thus didn't get the policy)
- There are exclusions already set locally on the machine (KB on resetting Defender to defaults). Possible sources of conflict:
- Domain Group Policy
- Local Group Policy
- Windows Security Center GUI
- PowerShell
- RMM
- There is a 3rd party AV that is interfering. KB on troubleshooting removal of 3rd party AV
- The machine is domain joined but unable to reach a domain controller (this is a Microsoft limitation on GPO's) You can test the connectivity with the following admin-level PoSh command:
Test-ComputerSecureChannel -Verbose
Comments
1 comment
Alan this article appears to have links to your internal resources; just want to give you a heads up in case that wasn't intentional
Please sign in to leave a comment.