Back to Blog
![]() ![]() Other point, may some problem, i also configured this:Ĭloud protection service membership type = Do not join CPSĪllow users to modify cloud protection service settings = noĮnable auto file submission to help Microsoft determinewhether certain detected items are Malicious = noĪllow users to modify auto sample file submission settings = noĮPAMPolicy. Is there any possibility to achieve the same only with SCCM? Most users have no admin rights and are not able to do it but on some devices we have users who have admin rights and really need them but i want to prevent them to be able to lower security. Only if i create a gpo with defender and combine it with SCCM, no one is able to disable real time protection (its greyed out “managed by your organization”). Configured this:Įnable real-time protection = yesAllow users on client computers to configure real-time protection settings = noīut if i check the security center in Windows 10 i can still switch off “real time protection” with admin rights. I created a new Antimalware Policy and deployed it to my test collection and deployment works. ![]() The services of Symantec Endpoint Protection are grayed out. Search for Symantec Endpoint Protection and double click on the name. SCCM/MECM 2010 and Win10 1809 LTSC & 20H2. Disable Symantec Endpoint Protection (SEP) through Windows Services Click on Windows Start and search for services. We are migrating from Symantec to Defender and i have some test computers to try migration and configure settings. I asked this question already on Microsoft Q&A and Reddit but did not succeed so i try it here… ![]()
0 Comments
Read More
Leave a Reply. |