Menu
CCMEXEC.COM – Enterprise Mobility
  • Home
  • General
  • Configuration Manager
  • Windows 10
  • Intune
  • GitHub
  • Windows 11
  • About the author
CCMEXEC.COM – Enterprise Mobility

Group Policy Result errors when Windows Defender is managed through Configuration Manager

Posted on March 8, 2016August 25, 2017 by Jörgen Nilsson

When managing Windows Defender on Windows 10 with Configuration Manager you will see an error when you use the Group Policy Management Console to view the Group Policy Result on a computer. Looking something like this.

Defender3The reason for this is that Configuration Manager writes the values that you set in a policy as DWORD but the Group Policy will write the values as String instead. That is the reason why the error “Registry Value…… is of unexpected type. Both will work so this is more a cosmetic error and basically only visible under Group Policy Result in GPMC.

It can be illustrated easy by creating a Group Policy that applies an exclusion for .wim and in the Configuration Manager Antimalware policy we create an exclusion for .iso. When looking at the registry key on a client under the Policies key we can see that the values are of different type.

Defender2

Is this a big problem, NO as the Windows Defender client reads and use both values in the example above so basically the only thing that is impacted is the Group Policy result view in GPMC. Note that I used the example above and applied different exclusions using GPO and Configuration Manager, this is not recommended to use in a production environment from a troubleshooting perspective.

  • Configuration Manager
  • Windows 10
  • Windows Defender
  • 3 thoughts on “Group Policy Result errors when Windows Defender is managed through Configuration Manager”

    1. chadwill says:
      March 9, 2016 at 10:23 am

      We use gpresult quite often, so i hope this gets fixed soon.. or is there a another way one can view gpresults? shifting antimalware policy over to gpo is not much of an option..

      Reply
    2. Mikw says:
      March 9, 2016 at 11:53 pm

      Thanks for finding the explanation! Did you manage to find a workaround though? So far the only solution we identified is unloading FEP/SCEP/Defender admx files from the central GPO store. But would be nice to be able to fix this issue (as we need to run gpresult on our clients time to time 🙂 and we’d like to have all GPO settings displayed in gpresult report.

      Reply
    3. John says:
      March 11, 2016 at 1:31 am

      “Is this a big problem, NO as the Windows Defender client reads and use both values in the example above so basically the only thing that is impacted is the Group Policy result view in GPMC.”

      Except when you’re trying to troubleshoot a Group Policy issue….. As it renders the Group Policy result view of Computer settings null. How do we fix it??

      Reply

    Leave a Reply Cancel reply

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    My name is Jörgen Nilsson and I work as a Senior Consultant at Onevinn in Malmö, Sweden. This is my blog where I will share tips and stuff for my own and everyone elses use on Enterprise Mobility and Windows related topics.
    All code is provided "AS-IS" with no warranties.

    Tweets by ccmexec

    Recent Posts

    • Windows Servicing, Personal Teams and Success.cmd
    • Windows MDM Security Baseline – Settings Catalog
    • Configuring MS Edge Security Baseline v107 using Settings Catalog
    • Configuring Desktop App Installer using CSP and script?!
    • Customizing Taskbar and Start in Windows 11 22h2 with PowerShell

    ©2023 CCMEXEC.COM – Enterprise Mobility | WordPress Theme by Superb Themes
    This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Reject Read More
    Privacy & Cookies Policy

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT