deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 21:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #10904 from Harvester57/Harvester57-patch-1

Browse Source 
[WDAC] Ensure that destination folders are present (script deployment method)
This commit is contained in:
Vinay Pamnani 2022-10-18 11:25:54 -04:00 committed by GitHub
commit 05523a9f67
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md
View File

@ -90,8 +90,9 @@ If you are using [signed WDAC policies](windows/security/threat-protection/windo
$MountPoint = 'C:\EFIMount' $MountPoint = 'C:\EFIMount'
$EFIDestinationFolder = "$MountPoint\EFI\Microsoft\Boot\CiPolicies\Active" $EFIDestinationFolder = "$MountPoint\EFI\Microsoft\Boot\CiPolicies\Active"
$EFIPartition = (Get-Partition | Where-Object IsSystem).AccessPaths[0] $EFIPartition = (Get-Partition | Where-Object IsSystem).AccessPaths[0]
if (-Not (Test-Path $MountPoint)) { New-Item -Path $MountPoint -Type Directory -Force }
mountvol $MountPoint $EFIPartition mountvol $MountPoint $EFIPartition
mkdir $EFIDestinationFolder if (-Not (Test-Path $EFIDestinationFolder)) { New-Item -Path $EFIDestinationFolder -Type Directory -Force }
``` ```
2. Copy the signed policy to the created folder: 2. Copy the signed policy to the created folder: