Search This Blog

Friday, May 12, 2017

Windows Defender default exclusions in Windows Server 2016

If you enable antivirus on a server then you always have to be sure to configure appropriate exclusions, so that antivirus does not affect server performance.
In Windows Server 2016 Windows Defender has a lot of default exclusions configured. So for example, on domain controller Windows Defender will not scan Active Directory database files:
  • %windir%\Ntds\ntds.dit
  • %windir%\Ntds\ntds.pat

Windows Internal Database (WID) location

Windows Internal Database (WID) is a free version of SQL database, it can be used with some Windows Server roles, like WSUS, ADFS.

If you need to find the actual databases files (.mdf and .ldf) then starting from Windows Server 2012 they are located in %windir%\WID folder and Data subfolder contains .mdf and .ldf files.