This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 55.00000000000001%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDD%3C/text%3E%3C/svg%3E)
Hello,
I would like to get the list of exclusions:
Assets and Compliance > Overview > Endpoint Protection > Antimalware policies > <<Policy name>>
Right Click on the policy > Properties
I want the list of the 3 sets of exclusions for this policy, how to do this?
Thanks,
Dom
You are right, I did not notice that the command Get-CMAntiMalwarePolicy only works for the "Default Client malware policy".
Export-CMAntiMalwarePolicy works well for all policies. Thanks for your update. This difference may be by design.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
What is wrong with copy and pasting the results?
Hello,
Apparently the copy/paste does work only line by line but not as a global copy of all exclusions for one setting this does not work... Ctrl A/Ctrl C then Ctrl V.
Thanks,
Dom
Thank you for posting in Microsoft Q&A forum.
We can use the powershell command to get the result to a txt file:
Get-CMAntiMalwarePolicy -Id "xxxxxxxx" | Out-File -FilePath C:\temp\OUTPUT.txt
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hello,
PS C:\Windows\system32> Get-ExecutionPolicy -List
Scope ExecutionPolicy
----- ---------------
MachinePolicy Undefined
UserPolicy Undefined
Process Undefined
CurrentUser Bypass
LocalMachine RemoteSigned
I got an error:
PS C:\Windows\system32> Get-CMAntimalwarePolicy
Get-CMAntimalwarePolicy : This command cannot be run from the current drive. To run this command you must first connect to a Configuration
Manager drive.
At line:1 char:1
So I did the connection:
I checked the executionpolicy:
PS C:\Windows\system32> get-executionpolicy
AllSigned
PS C:\Windows\system32> Set-ExecutionPolicy RemoteSigned
Set-ExecutionPolicy : Access to the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell' is
denied. To change the execution policy for the default (LocalMachine) scope, start Windows PowerShell with the "Run as administrator"
option. To change the execution policy for the current user, run "Set-ExecutionPolicy -Scope CurrentUser".
At line:1 char:1
How do I get the "Run As Administrator" in the CM Console?
Thanks,
Dom
Hello,
I found a way to get the command working
Open PowerShell ISE > Run As Administrator (in Windows)
Copy the ISEConnect file from the console
Run it
Pass the command...
Get-CMAntiMalwarePolicy -Id "xxxxxxxx" | Out-File -FilePath C:\temp\OUTPUT.txt
but now where do I find the ID of the Malware Policy?
Thanks,
Dom