If there is no scheduled scan configured, there will be no catch-up scan run.
If a computer is offline for two consecutive scheduled scans, a catch-up scan is started the next time someone logs on to the computer. If you enable this setting, catch-up scans for scheduled scans will be turned on. Usually these scheduled scans are missed because the computer was turned off at the scheduled time. A catch-up scan is a scan that is initiated because a regularly scheduled scan was missed. This policy setting allows you to configure catch-up scans for scheduled scans (quick- or full scan). The default OS configuration/behavior, catch-up scans for both quick- or full scans are turned off.Ĭatch-up scan value as part of the device restriction policy export. A block results in a $False which effectively enables the catch-up scan, which is confusing and might lead to unintentional configuration(s) The effective catch-up scan configuration on a Windows 10 client. However, in practice this appeared to be the exact opposite. If you set Block catch-up scan will be turned off.
The real catchĭuring acceptance tests we noticed the catch-up scans didn’t occur for both quick- and full scans on Windows 10 clients.īased on the Microsoft Endpoint Manager UI and provided outline, Not configured implies a catch-up scan is enabled. The catch-up scan block results in the opposite configuration the UI implies.ĭuring an end-to-end multi-platform migration (including Windows 10, macOS, Windows Servers and Linux) of a 3rd party AV solution to Microsoft Defender (ATP) we noticed some striking behavior. If you are using Microsoft Defender Antivirus and managing your Windows 10 clients via co-management (Microsoft Endpoint Configuration Manager (MECM) or Microsoft Endpoint Manager (MEM), this blog might be interesting for you. Update: Microsoft confirmed this behavior and will correct this in the next Microsoft Intune update release, most probably the March update 2003.
0 kommentar(er)
