Friday, September 23, 2016

SCCM Client Health check fails with third party antivirus on Windows 10 computers

Previously I explained how SCCM Client Health check process works, which describes general troubleshooting steps if you are having SCCM Client Health check issues.

Now about an exact issue - if you are using third party (something other than Microsoft) antivirus and health check fails on Windows 10 computers. Probably in ccmeval.log you also see that these checks are failing:
Verify/Remediate Antimalware service status for Windows 10 or up.
- Verify/Remediate Antimalware service startup type for Windows 10 or up.

So the root cause of this is that third party antivirus (or you have done it with group policy) has disabled Windows Defender from starting, but in the same time the computer has still left that Endpoint Protection has to be managed in Client Agent settings:

To resolve the issue you must remove Endpoint Protection policy from the computer. If SCCM client will not manage Endpoint Protection, then Client Health check will not perform tests againts Microsoft Antimalware and Windows Defender services.

No comments:

Post a Comment