Share via

Initiate MDE scan for remote device

Mohammed Altamash Mohammed Suleman Khan 2,331 Reputation points
2024-10-15T09:01:23.8533333+00:00

How can i initiate a quick / Full scan from remote a device.

Pre-condition: Source & target device can ping each other, same network. & both have onboarded to MDE and have updated defender.

Note: I dont want to initiate scan from endpoint portal or schedule it. Need powershell or CMD commands to manually initiate a scan.

Tried : Invoke-Command -ComputerName "remotedevice" -ScriptBlock { Start-MpScan -ScanType QuickScan }

the scan stuck for hours but nothing happened. The last scan time didnt change on defender portal.

Microsoft 365 and Office | Install, redeem, activate | For business | Windows
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
Accepted answer
  1. Givary-MSFT 35,626 Reputation points Microsoft Employee Moderator
    2024-10-15T11:04:42.3333333+00:00

    @alta94 Thank you for reaching out to us, based on my research along with start-mpscan you need to leverage New-CimSession cmdlet to run the scan remotely via PowerShell

    Reference:

    https://learn.microsoft.com/en-us/powershell/module/cimcmdlets/new-cimsession?view=powershell-7.4

    https://learn.microsoft.com/en-us/powershell/module/defender/start-mpscan?view=windowsserver2022-ps#:~:text=False-,%2DCimSession,-Runs%20the%20cmdlet

    https://www.kapilarya.com/how-to-use-windows-powershell-to-scan-windows-10

    Let me know if the above mentioned articles help to resolve your ask, else feel free to post back will be happy to research further on this and assist you.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.