Windows Defender Troubleshooting mode not working.

Copper Contributor

We are testing putting a server into Troubleshooting mode to allow a user to install apps on their server.

I cab put the server into Troubleshooting mode from within the Defender portal.

Under Timeline I see that it says “Troubleshooting mode is enabled”.

 

To test this, I should be able to go to the server and look at the Service. But the service is still running.

 

I need to be able to show the user that Defender is not running, or they won’t waste the time trying to install their app.

3 Replies

My understanding is Troubleshooting Mode only enables the local admin to make settings changes, it does not make any changes by itself. So you would have to turn off the service or disable the feature yourself, then perform your troubleshooting.

@jbmartin6 is right. The troubleshooting mode permits an administrator to modify Defender settings on a temporary basis. Initially, you must turn off tamper protection by using the command Set-MPPreference -DisableTamperProtection $true, followed by adjusting other settings such as RealTimeProtection.

Unfortunately, the only way I found to disable defender to allow the install was to Offboard the servers. I will just need to Onboard them again when done.