Forum Discussion
Solved
Access denied error when updating Microsoft Defender from Fileshare
I read this document: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/deployment-vdi-microsoft-defender-antivirus?view=o365-worldwide and I created a share on a VM calle...
- We did, but we had to update MS Defender to the absolute latest version during the image build process. We used this process here: https://support.microsoft.com/en-us/topic/microsoft-defender-update-for-windows-operating-system-installation-images-1c89630b-61ff-00a1-04e2-2d1f3865450d
We also found that once it is working - if you set the update path post windows install it works, but says something like "it won't take effect until restart"... So I had to change that option during image build using a ps script:
Set-MpPreference -SharedSignaturesPath \\csabots2019\wdav-update - then reboot before sysprep.
Bottom line - the MS doc on how to do this is woefully incomplete.
We did, but we had to update MS Defender to the absolute latest version during the image build process. We used this process here: https://support.microsoft.com/en-us/topic/microsoft-defender-update-for-windows-operating-system-installation-images-1c89630b-61ff-00a1-04e2-2d1f3865450d
We also found that once it is working - if you set the update path post windows install it works, but says something like "it won't take effect until restart"... So I had to change that option during image build using a ps script:
Set-MpPreference -SharedSignaturesPath \\csabots2019\wdav-update - then reboot before sysprep.
Bottom line - the MS doc on how to do this is woefully incomplete.
We also found that once it is working - if you set the update path post windows install it works, but says something like "it won't take effect until restart"... So I had to change that option during image build using a ps script:
Set-MpPreference -SharedSignaturesPath \\csabots2019\wdav-update - then reboot before sysprep.
Bottom line - the MS doc on how to do this is woefully incomplete.
Funny, after I replied that's exactly what I found - the required reboot before changes took effect. I didn't want to bake those settings into my image, but here we are. I baked them in via PowerShell just like you have, and since doing that, updates have been working flawlessly.
NickPanaccio Nice! I should add we're just using configmgr to make the reference vdi image - so it was pretty simple to add another reboot.