Group Policy Result errors when Windows Defender is managed through Configuration Manager

When managing Windows Defender on Windows 10 with Configuration Manager you will see an error when you use the Group Policy Management Console to view the Group Policy Result on a computer. Looking something like this.

Defender3The reason for this is that Configuration Manager writes the values that you set in a policy as DWORD but the Group Policy will write the values as String instead. That is the reason why the error “Registry Value…… is of unexpected type. Both will work so this is more a cosmetic error and basically only visible under Group Policy Result in GPMC.

It can be illustrated easy by creating a Group Policy that applies an exclusion for .wim and in the Configuration Manager Antimalware policy we create an exclusion for .iso. When looking at the registry key on a client under the Policies key we can see that the values are of different type.


Is this a big problem, NO as the Windows Defender client reads and use both values in the example above so basically the only thing that is impacted is the Group Policy result view in GPMC. Note that I used the example above and applied different exclusions using GPO and Configuration Manager, this is not recommended to use in a production environment from a troubleshooting perspective.


Add a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.