Sunday, June 30, 2019

Win10Pro -> local group policy ( No Domain ) -> Lock Windows Defender Settings ( Force Firewall & Antivirus to be enabled)

I have a win10Pro 1709 OS. The computer is NOT connected to a Domain.



There is one user with user type "Administrator".



I want to configure Windows Defender ( Firewall & Antivirus) only with the local Computer Policy and disable the configuration through the local user interface "Control Panel".



This means that the possibility to disable the Windows Defender Firewall through the normal settings is disabled:



The Settings should be greyed out and a warning like "Some settings are managed by your organization" should appear:
enter image description here




I know that an administrator user can then use the gpedit.msc to change the settings, but he cannot use the "normal" settings app anymore.



I cannot find local Group Policy settings to do that.
The closest I can find is this:



Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus > Turn off Windows Defender Antivirus policy



I look for the opposite "force Windows Defender Antivirus/Firewall" to be enabled.

No comments:

Post a Comment

hard drive - Leaving bad sectors in unformatted partition?

Laptop was acting really weird, and copy and seek times were really slow, so I decided to scan the hard drive surface. I have a couple hundr...