Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
1,091 questions
Defender Antivirus exclusion user variables
Craig Garland
236
Reputation points
Hi Guys,
I hope someone has an answer for this.
I am looking to exclude a folder in Defender endpoint. The issue is that I want to exclude a folder based on the login username. EG: c:\Folder\Username.
I assume that I could just you the variable %username% but it looks like this does not work. I found an article that says it is invalid, and if I run MpCmdrun -checkexclusion -path c:\Folder\Username. is not excluded.
Does anyone know how to exclude a folder based on the signed in username?
Regards
Craig
{count} votes
-
JamesTran-MSFT 29,716 Reputation points Microsoft Employee2023-05-26T20:31:27.9166667+00:00 Thank you for your post!
I understand that you're looking to exclude a folder in Defender for endpoint based on the login username (for example -
c:\Folder\Username), but when using the%username%variable the folder still isn't being excluded.I'm not too familiar with Microsoft Defender Antivirus within Defender for endpoint, but to hopefully help point you in the right direction, instead of excluding a folder based on username have you looked into configuring exclusions based on the folder location or the specific username? For example -
c:\users\* or %user001%\Desktop
Additional Links:
- Configure and validate exclusions - System environment variables
- Use wildcards in the file name and folder path or extension exclusion lists
If you're still having issues, I'd also recommend reaching out to the Microsoft Defender for Endpoint Community Center so the Defender for Endpoint experts can take a closer look into your issue as well.
I hope this helps!
Thank you for your time and patience throughout this issue.
Sign in to comment