Forum Discussion
MDE conflicting with Microsoft Endpoint Configuration Manager Distribution points
Hi All, I have a strange issue with MDE and Configuration Manager, ever since I onboarded my Site server (Server 2012 R2) and Distribution points(Server 2016) I have been having very strange issues ...
Very sorry I was in a rush and looks like I missed out detail!
When MDE is monitoring the servers and I try distribute content (mainly Driver packages and Software Update packages) the content constantly fails to distribute it's not unusual to have 5-8 retries, sometimes it wont even begin and I will need to restart the site server or the distribution points. If MDE is not monitoring the configuration manager servers then all is fine.
When MDE is monitoring the servers and I try distribute content (mainly Driver packages and Software Update packages) the content constantly fails to distribute it's not unusual to have 5-8 retries, sometimes it wont even begin and I will need to restart the site server or the distribution points. If MDE is not monitoring the configuration manager servers then all is fine.
Not a problem and thank you for elaborating on the issue. It could be MDE related and will also depend on the kind of policies applied. Are you using additional features like ASR, Controlled Folder Access? You may have to look at excluding the DP content locations.
- I am using ASR but the issue began before I applied ASR and I have been sure not to apply the ASR policy's that are not recommended to be used with MECM, not using Controlled Folder Access. I have applied the recommended exclusions to Microsoft Defender AV however this is not for MDE, it does not look like you can apply exclusions for MDE only Microsoft Defender AV.
- Then AV exclusions should suffice. Did you try running advanced hunting queries? Maybe check against AV based action type. Have a look some of the blog posts I have published on this topic. It may just help you. https://rahuljindalmyit.blogspot.com/search?q=Hunting
Hi rahuljindal
I added AV exclusions about a month ago as per this Microsoft Doc "https://docs.microsoft.com/en-us/troubleshoot/mem/configmgr/recommended-antivirus-exclusions" But yet I am still seeing the issue, if I offboard MDE but keep Microsoft Defender AV running the issue stops. I have ran a few queries in advanced hunting but I cannot see anything that is being blocked that could be causing this issue.