deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-18 03:43:39 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

update troubleshooting for UC

Browse Source
This commit is contained in:
Iaan D'Souza-Wiltshire
2017-09-07 15:24:11 -07:00
parent 8b37014f33
commit 0515bea69f
4 changed files with 86 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/deployment/update/update-compliance-get-started.md
View File

@ -32,7 +32,7 @@ Windows Error Reporting | watson.telemetry.microsoft.com
Online Crash Analysis | oca.telemetry.microsoft.com
4. To use Windows Defender Antivirus Assessment, devices must be protected by Windows Defender AV (and not a 3rd party AV program), and must have enabled [cloud-delivered protection](/windows/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus). For endpoints running Windows 10, version 1607 or earlier, Windows telemetry must also be set to **Enhanced**. See the [Windows Defender Antivirus in Windows 10](/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) content library for more information on enabling, configuring, and validating Windows Defender AV.
4. To use Windows Defender Antivirus Assessment, devices must be protected by Windows Defender AV (and not a 3rd party AV program), and must have enabled [cloud-delivered protection](/windows/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus). For endpoints running Windows 10, version 1607 or earlier, [Windows telemetry must also be set to **Enhanced**](https://docs.microsoft.com/en-us/windows/configuration/configure-windows-telemetry-in-your-organization#enhanced-level). See the [Windows Defender Antivirus in Windows 10](/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) content library for more information on enabling, configuring, and validating Windows Defender AV.
## Add Update Compliance to Microsoft Operations Management Suite

65
windows/threat-protection/windows-defender-antivirus/collect-diagnostic-data-update-compliance.md Normal file
View File

@ -0,0 +1,65 @@
---
title: Collect diagnostic data for Update Compliance and Windows Defender AV
description: Use a tool to collect data to troubleshoot Update Compliance issues when using the Windows Defender AV Assessment add in
keywords: troubleshoot, error, fix, update compliance, oms, monitor, report, windows defender av
search.product: eADQiWindows 10XVcnh
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: iaanw
ms.author: iawilt
ms.date: 09/06/2017
---
# Collect Update Compliance diagnostic data for Windows Defender AV Assessment
**Applies to:**
- Windows 10
**Audience**
- IT administrators
This topic describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you may encounter when using the Windows Defender AV Assessment section in the Update Compliance add-in.
Before attempting this process, ensure you have read the [Troublehsoot Windows Defender Antivirus reporting](troubleshoot-reporting.md) topic, met all require pre-requisites, and taken any other suggested troubleshooting steps.
1. On at least two endpoints that are not reporting or showing up in Update Compliance, obtain the .cab diagnostic file by following this process:
1. Open an administrator-level version of the commpand prompt:
1. Open the **Start** menu.
2. Type **cmd**. Right-click on **Command Prompt** and click **Run as administrator**.
3. Enter administrator credentials or approve the prompt.
2. Navigate to the Windows Defender directory. By default, this is C:\Program Files\Windows Defender, as in the following example:
```Dos
cd c:\program files\windows\defender
```
3. Enter the following command and press **Enter**
```Dos
mpcmdrun -getfiles
```
4. A .cab file will be generated that contains various diagnostic logs. The location of the file will be specified in the output in the command prompt, but by default it will be in C:\ProgramData\Microsoft\Windows Defender\Support\MpSupportFiles.cab.
2. Copy these .cab files to a location that can be accessed by Microsoft support. An example could be a password-protected OneDrive folder that you can share with us.
3. Send an email using the <a href="mailto:ucsupport@microsoft.com?subject=WDAV assessment issue&body=I+am+encountering+the+following+issue+when+using+Windows+Defender+AV+in+Update+Compliance%3a+%0d%0aI+have+provided+at+least+2+support+.cab+files+at+the+following+location%3a+%26lt%3baccessible+share%2c+including+access+details+such+as+password%26gt%3b%0d%0aMy+OMS+workspace+ID+is%3a+%0d%0aPlease+contact+me+at%3a">Update Compliance support email template</a>, and fill out the template with the following information:
```
I am encountering the following issue when using Windows Defender AV in Update Compliance:
I have provided at least 2 support .cab files at the following location: <accessible share, including access details such as password>
My OMS workspace ID is:
Please contact me at:
```
## Related topics
- [Troublehsoot Windows Defender Antivirus reporting](troubleshoot-reporting.md)

16
windows/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md
View File

@ -39,13 +39,25 @@ There are three steps to troubleshooting these problems:
2. Check your connectivity to the Windows Defender cloud-based service
3. Submit support logs
>[!IMPORTANT]
>It typically takes 3 days for devices to start appearing in Update Compliance
## Confirm pre-requisites
In order for devices to properly show up in Update Compliance, you have to meet certain pre-requisites for both the Update Compliance service and for Windows Defender Antivirus protection:
In order for devices to properly show up in Update Compliance, you have to meet certain pre-requisites for both the Update Compliance service and for Windows Defender AV protection:
>[!div class="checklist]
>- Endpoints are using Windows Defender Antivirus as the sole antivirus protection app. Using any other antivirus app will cause Windows Defender AV to disable itself and the endpoint will not be reported in Update Compliance.
>- Endpoints are using Windows Defender Antivirus as the sole antivirus protection app. [Using any other antivirus app will cause Windows Defender AV to disable itself](windows-defender-antivirus-compatibility.md) and the endpoint will not be reported in Update Compliance.
> - [Cloud-delivered protection is enabled](enable-cloud-protection-windows-defender-antivirus.md).
> - Endpoints can [connect to the Windows Defender AV cloud](configure-network-connections-windows-defender-antivirus.md#validate-connections-between-your-network-and-the-cloud)
> - If the endpoint is running Windows 10 version 1607 or earlier, [Windows 10 telemetry must be set to the Enhanced level](https://docs.microsoft.com/en-us/windows/configuration/configure-windows-telemetry-in-your-organization#enhanced-level).
> - It has been 3 days since all requirements have been met
If the abnove pre-requisites have all been met, you may need to proceed to the next step to collect diagnostic information and send it to us.
> [!div class="nextstepaction"]
> [Collect diagnostic data for Update Compliance troubleshooting](collect-diagnostic-data-update-compliance-wdav.md)