Mac Message Microsoft Au Daemon

-->

Applies to:

Office for Mac. Microsoft au daemon是干什么用的? 使用Macbook,发现进程里常有个叫Microsoft AU Daemon,却不知干什么用的。.

Mac Message Microsoft Au Daemon

Collecting diagnostic information

If you can reproduce a problem, please increase the logging level, run the system for some time, and restore the logging level to the default.

  1. Increase logging level:

  2. Reproduce the problem

  3. Run sudo mdatp --diagnostic --create to backup Microsoft Defender ATP's logs. The files will be stored inside of a .zip archive. This command will also print out the file path to the backup after the operation succeeds.

  4. Restore logging level:

  • 2017-12-12  Why is my Office 2016 for Mac suddenly opening with 'Microsoft AU Daemon.app'? Then closed Excel and reopened, did not get the UA app message. I expect the Daemon AU app will not pop up again. Dec 5, 2017 1:05 AM. Why is my Office 2016 for Mac suddenly opening with 'Microsoft AU Daemon.app'?
  • Recommended: Before Installing any Office update or use backup software: Quit any applications that are running, including virus-protection applications, all Office applications, Microsoft Messenger for Mac, and Office Notifications (Microsoft Database daemon) See how to quit daemon.

Logging installation issues

If an error occurs during installation, the installer will only report a general failure.

The detailed log will be saved to /Library/Logs/Microsoft/mdatp/install.log. If you experience issues during installation, send us this file so we can help diagnose the cause.

Microsoft Au Daemon Mac Message

Message

Au Daemon

Uninstalling

There are several ways to uninstall Microsoft Defender ATP for Mac. Please note that while centrally managed uninstall is available on JAMF, it is not yet available for Microsoft Intune.

Interactive uninstallation

  • Open Finder > Applications. Right click on Microsoft Defender ATP > Move to Trash.

From the command line

  • sudo rm -rf '/Applications/Microsoft Defender ATP.app'
  • sudo rm -rf '/Library/Application Support/Microsoft/Defender/'

Configuring from the command line

Important tasks, such as controlling product settings and triggering on-demand scans, can be done from the command line:

GroupScenarioCommand
ConfigurationTurn on/off real-time protectionmdatp --config realTimeProtectionEnabled [true/false]
ConfigurationTurn on/off cloud protectionmdatp --config cloudEnabled [true/false]
ConfigurationTurn on/off product diagnosticsmdatp --config cloudDiagnosticEnabled [true/false]
ConfigurationTurn on/off automatic sample submissionmdatp --config cloudAutomaticSampleSubmission [true/false]
ConfigurationTurn on PUA protectionmdatp --threat --type-handling potentially_unwanted_application block
ConfigurationTurn off PUA protectionmdatp --threat --type-handling potentially_unwanted_application off
ConfigurationTurn on audit mode for PUA protectionmdatp --threat --type-handling potentially_unwanted_application audit
DiagnosticsChange the log levelmdatp --log-level [error/warning/info/verbose]
DiagnosticsGenerate diagnostic logsmdatp --diagnostic --create
HealthCheck the product's healthmdatp --health
ProtectionScan a pathmdatp --scan --path [path]
ProtectionDo a quick scanmdatp --scan --quick
ProtectionDo a full scanmdatp --scan --full
ProtectionCancel an ongoing on-demand scanmdatp --scan --cancel
ProtectionRequest a security intelligence updatemdatp --definition-update
EDRTurn on/off EDR preview for Macmdatp --edr --early-preview [true/false] OR mdatp --edr --earlyPreview [true/false] for versions earlier than 100.78.0
EDRAdd group tag to machine. EDR tags are used for managing machine groups. For more information, please visit https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine-groupsmdatp --edr --set-tag GROUP [name]
EDRRemove group tag from machinemdatp --edr --remove-tag [name]

Client Microsoft Defender ATP quarantine directory

/Library/Application Support/Microsoft/Defender/quarantine/ contains the files quarantined by mdatp. The files are named after the threat trackingId. The current trackingIds is shown with mdatp --threat --list --pretty.

Microsoft Defender ATP portal information

Mac Message Microsoft Au Daemon Para Que Sirve

This blog provides detailed guidance on what to expect in Microsoft Defender ATP Security Center.