EnableRemoteManagedDefaults
EnableRemoteManagedDefaults specifies whether to configure Microsoft Defender to be remotely managed using recommended default settings:
| Name | Default setting for remote management of Microsoft Defender |
|---|---|
Scan\CheckForSignaturesBeforeScan |
true |
Scan\AvgCPULoadFactor |
20 |
Threats\ThreatSeverityDefaultAction |
quarantine |
Scan\DisableRestorePoint |
false |
Scan\DisableReparsePoint |
false |
UX Configuration\UILockdown |
true |
Quarantine\PurgeItemsAfterDelay |
35 days |
Signature Updates\SignatureUpdateInterval |
11 hours |
Signature Updates\FallbackOrder |
InternalDefinitionUpdateServer|MicrosoftUpdateServer|MMPC |
Scan\DisableRemovableDriveScanning |
false |
Scan\DisableScanningNetworkFiles |
true |
If configured, Microsoft Defender will not display any user interface on the local computer. The default settings can still be overridden using Group Policy.
Microsoft Defender is an application that can prevent, remove, and quarantine malware (malicious software) and spyware.
Values
true |
Configures Microsoft Defender for remote management. |
false |
Does not configure Microsoft Defender for remote management. This is the default value. |
Valid Configuration Passes
oobeSystem
offlineServicing
specialize
Parent Hierarchy
Security-Malware-Windows-Defender | EnableRemoteManagedDefaults
Applies To
For Windows Windows Server 2016 editions, Microsoft Defender is installed with the operating system.
For Windows Server 2012, Windows Server 2008 R2 and Windows Server 2008, Microsoft Defender is installed with the Desktop Experience Pack.
For a full list of the Windows editions and architectures that this component supports, see Security-Malware-Windows-Defender.
XML Example
The following XML output shows how to Microsoft Defender to be remotely managed using recommended default settings.
<EnableRemoteManagedDefaults>true</EnableRemoteManagedDefaults>