Score:0

Where is Defender CSP in Windows configuration designer?

US flag
user995120

I'm trying to create a provisioning package for test PCs and I'm having hard time finding Defender CSP in Windows Configuration Designer.

at first I downloaded Windows Configuration designer from Microsoft store, there was no Defender CSP, only a Defender under policies which has only 20% of the options shown in the actual Defender CSP.

then I installed Windows ADK and used the Windows imaging and configuration designer in there, but still the same.

I'm new to this and don't have Intune subscription, trying to only use provisioning packages for now (.ppkg). how can I access the actual Defender CSP and all of its options?

in the official doc, the path is ./Device/Vendor/MSFT/Defender which should be shown right under the runtime settings but it isn't. am I missing something?

I also see there is Defender DDF, maybe I need to manually import it into the program? I'd gladly do it if I just knew how.

enter image description here

there is a command line for configuration designer too.

For reference, this is all the CSPs available in Windows Configuration Designer: https://learn.microsoft.com/en-us/windows/configuration/wcd/wcd

but in this page on the left side, you can see all the CSPs available. https://learn.microsoft.com/en-us/windows/client-management/mdm/

why only like 10% of CSPs are available in Windows Configuration Designer? how are we supposed to use the rest of them in a .ppkg without MDM subscription? (please cite an official Microsoft source to answer this question)

Score:0
us flag

The Defender CSP is only available in Windows Configuration Designer if your device has the necessary security configurations. The Defender CSP is only supported for Windows 10 Enterprise and Windows 10 Education editions and is managed by Microsoft Intune or System Center Configuration Manager. If you are not using either of these management tools, you may not have access to the full Defender CSP.

Regarding the lack of some of the other CSPs in the Windows Configuration Designer, some of the CSPs require special permissions, such as Intune enrollment or are only available on certain editions of Windows, such as Windows 10 Enterprise. Microsoft has a complete list of the supported CSPs for each version of Windows.

As for using other CSPs without an Intune subscription, you can create a provisioning package manually by creating an XML file containing the desired configuration settings and then applying it to a device. The XML file should be created in accordance with the syntax and structure specified in the relevant CSP documentation.

Score:0
tl flag

You have to start a new "Provision desktop devices" Project. After starting click on "Switch to advanced editor" on the bottom left. Under "Runtime settings" -> "Policies" -> "Defender" you can configure the Defender options.

If you start a new Project with "Advanced Provisioning" you will not see all the options.

DSSO21 avatar
tl flag
Which specific setting are you missing?
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.