Windows PowerShell:- Adding windows defender exclusions

Article
1/17/2024

If you are running Exchange, you are aware that you need to exclude certain folders, processes etc. from scanning for Exchange to run optimally.

Now if you have System Center Configuration Manager (SCCM) in your environment, adding exclusions is easy and you can paste many lines in to the list.

However with no SCCM and just a + button you can only add 1 item at a time. With so many exclusions for Exchange, this can be rather tedious.

Here is a sample of adding an exclusion with Powershell:

Add-MpPreference -ExclusionPath “%ExchangeInstallPath%ClientAccess\OAB”

https://everything-powershell.com/wp-content/uploads/2019/07/image-1.png

You can refresh Windows Defender in Settings and you will now see the above path excluded.

https://everything-powershell.com/wp-content/uploads/2019/07/image-2-1024x316.png

If you wanted to exclude an extension then you can run this command:

Add-MpPreference -ExclusionExtension ".chk"

https://everything-powershell.com/wp-content/uploads/2019/07/image-3.png https://everything-powershell.com/wp-content/uploads/2019/07/image-4-1024x330.png

Share via

Windows PowerShell:- Adding windows defender exclusions

Additional resources