When defining Scanner exclusions for Microsoft Defender. There are 3 folders which you might want to exclude.
Excluding these will exclude all defender scannings, on folders.
Creating Group policy
Open your Group policy management Console.
Browse to Group Policy Objects. This is found under.
Forest:”Your Domain name” → Domains → “Your Domain name“ → Group Policy Objects
Right click to create a new Group policy :
Give it a name :
Click OK. Now you have created an Empty policy. Now you should edit your newly created policy.
Now Browse to
Computer Configuration → Policies → Administrative Templates → Windows Components → Windows Defender Antivirus → Exclusions
Here you have the options for adding exclusions.
We are adding folders to exclude. This setting will disable all defender scanning in these folders.
Click Show to edit list of folders to exclude.
Here we have added the basic Capainstaller folders.
Click OK and your policy are now ready for deployment.
Basic deployment :
Deploy policy by linking it to an Organization Unit (OU).
Browse to the OU. (You should test First).
Right click and choose “Link an Existing GPO”.
Choose your newly created policy.
Click OK
Now test your policy on Client/s that should be afftected by the new policy