Skip to main content

Hello,

We're deploying MS Defender, but need some help with how to remove or hide the "Exclusion" option from MS Defender user interface, if it's possible. My current configuration "MDATP MDAV configuration settings" appears to enable to exclude a default path, but I prefer to not have "Exclusion" option available or visible.

 

You need to set the value of exclusionsMergePolicy to admin_only as in the below.

<key>exclusionsMergePolicy</key> <string>admin_only</string>

This will disable it and leave text that it is blocked by policy. 


You need to set the value of exclusionsMergePolicy to admin_only as in the below.

<key>exclusionsMergePolicy</key> <string>admin_only</string>

This will disable it and leave text that it is blocked by policy. 


Thank you that worked!