Disable Defender Windows Server 2012 R2

Navigate to Computer Configuration > Policies > Administrative Templates > Windows Components > Windows Defender.Double click on "Turn off Windows Defender"Select "Enabled" 

If you create a group policy object and then assign it to an OU and add the delegated users or groups then it will apply to the users in the OU that are included in the delegation

In this post, you will learn how to turn off Windows Defender using Group Policy. Windows Defender is malware protection that is included with and built into Windows 10.

Windows Defender software helps identify and remove viruses, spyware, and other malicious software. But why would you think of turning off Windows Defender then ?.

Windows Defender provides the most protection when cloud-based protection is enabled. Windows Defender runs in the background and notifies you when you need to take specific action. There are many ways to disable windows defender. You could choose to disable it on a single machine, you could also disable it using Registry Tweak.

However when you want to disable Windows Defender on multiple computers in a domain, the group policy method is the best. If you are using System Center 2012 R2 Configuration Manager and Microsoft Intune, these can provide centralized management of Windows Defender, including:

• Settings management
• Definition update management
• Alerts and alert management
• Reports and report management

How to turn off Windows Defender using Group Policy

Launch the Group Policy Management console. Right click on the domain and click Create a GPO in this domain and link it here. Provide a name to the GPO. Click OK.

Once the policy is created, right click on the policy and click Edit. This will bring up the Group Policy Management Editor. Navigate to Computer Configuration > Administrative Templates > Windows Components > Windows Defender.

Look for the policy setting “Turn Off Windows Defender“. Right click on the policy setting and click Edit.

On the Turn off Windows Defender policy setting, click Enabled. This policy setting turns off Windows Defender. Click OK and close the Group policy management console.

On the client machine, we now see that group policy has been applied. When the user tries to open Windows Defender, it shows a box stating This application is turned off by group policy. In case you want to enable the windows defender, edit the policy and simply change the same policy’s status from Enabled to Not Configured or Disabled.

In this post, you’ll learn how to uninstall Windows Defender on Windows Server. You can uninstall Windows Defender feature on all versions of Windows Server with a simple PowerShell command.

The question is: Why uninstall Windows Defender from Windows Server? If you have a third party antivirus solution on Windows Server, you may not require Windows Defender.

Installing two antivirus softwares on a Windows Server may cause conflicts and most of all, it will slow down the performance of your Windows Server. As a best practice ensure you don’t have multiple security products running on a system.

When you install an additional security software, Microsoft Defender Antivirus does not automatically disable itself. Hence, you have to manually uninstall Windows Defender on your Windows Server.

When you install Windows Server operating system, the Windows Defender is preinstalled. The Windows Defender is also referred as Endpoint protection or Microsoft Defender Antivirus Service.

Ways to Uninstall Windows Defender Antivirus on Windows Server

There are two ways to uninstall Windows Defender from your Windows Server:

• You can remove Windows Defender AV completely via Remove Roles and Features Wizard.
• Windows Defender can be easily installed/uninstalled using a PowerShell command.

You can also create a batch file to disable windows defender permanently. However, that is more preferred method for IT professionals. The best way to remove the Windows Defender AV on Server would be using the Remove Roles and Features wizard. In the wizard you can deselect the Windows Defender Features option at the Features step.

On your Windows Server, the option to deselect Windows Defender feature could be greyed out. This could be due to Microsoft doesn’t want you to remove Windows Defender so easily. In this situation, you can easily uninstall the Microsoft Defender Antivirus Service using PowerShell command.

Windows Defender Antivirus on Windows Server

Microsoft Defender Antivirus is available in the following editions of Windows Server:

• Windows Server 2022
• Windows Server 2019
• Windows Server, version 1803 or later
• Windows Server 2016

Check if Windows Defender Service is running on Windows Server

On your Windows Server, you can check whether the Windows Defender Service is running or not with following steps. Click Start > Run and type Services.msc. In the Services console, look for Microsoft Defender Antivirus Service and check the Status of this service. If it shows as Running, it means the Windows Defender Service is running on Windows Server.

The second method to check the defender AV services status is using command prompt. When you run the command “sc query Windefend“, it displays the status of Microsoft Defender Antivirus Service. If the status is RUNNING, that means Windows Defender is present and service is active on the machine.

You can also determine the Windows Defender antivirus status using PowerShell. Launch the PowerShell as administrator and run the command Get-Service -Name WinDefend to know the status of Windows Defender AV. Learn more about the Get-Service command along with its parameters.

Uninstall Windows Defender on Windows Server

Here are the steps to uninstall Windows Defender on Windows Server:

1. Login to the Windows Server.
2. Ensure Windows Defender Antivirus service is running. You can run sc query Windefend in command prompt.
3. Run the PowerShell command to uninstall Windows Defender on Windows Server.

To uninstall Windows Defender antivirus, launch PowerShell and run the below command. Note that a server reboot is required once you uninstall the Windows Defender.

Uninstall-WindowsFeature -Name Windows-Defender

Re-install Windows Defender on Windows Server

If you have uninstalled Windows Defender, later you changed your mind and decide to install it back, you can re-install it. Using the below PowerShell command, you can install Windows Defender feature on Windows Server. This command should work on all the latest Windows Server operating systems. Run the PowerShell as administrator and run the below command.

Install-WindowsFeature -Name Windows-Defender

After you install Windows Defender on Server, you must reboot the server.

Conclusion

On the latest Windows Server operating systems, Microsoft Defender antivirus works really well. However, most organizations prefer to use a third-party solutions that offer more features than Microsoft Defender. In such cases, running two security softwares on a server isn’t the best practice. You can remove Windows Defender software and replace it with a different AV software.

How do I turn off Windows Defender 2012?

Does Windows Server 2012 R2 have Windows Defender?

How do I turn off Windows Defender on server?

How do I permanently disable Windows Defender 2016?