deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-20 17:27:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update code-integrity-policy-commands.md

Browse Source
This commit is contained in:
valemieux 2022-08-08 13:02:16 -07:00
parent 7cf1059272
commit 339a934dbe
1 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
windows/security/threat-protection/windows-defender-application-control/code-integrity-policy-commands.md
View File

@ -15,53 +15,53 @@ Generates Policy Commands, Token Commands, and Miscellaneous Commands for user m
# Policy Commands # Policy Commands
| Command:| --update-policy /Path/To/Policy/File | | Command:|--update-policy /Path/To/Policy/File |
| Description: | Add or update a policy on the current system | | Description: | Add or update a policy on the current system |
| Alias: | -up | | Alias: | -up |
| Command:| --remove-policy PolicyGUID | | Command:|--remove-policy PolicyGUID |
| Description: | Remove a policy indicated by PolicyGUID from the system | | Description: | Remove a policy indicated by PolicyGUID from the system |
| Alias: | -rp | | Alias: | -rp |
| Command:| --list-policies | | Command:|--list-policies |
| Description: | Dump information about all policies on the system, whether they be active or not | | Description: | Dump information about all policies on the system, whether they be active or not |
| Alias: | -lp | | Alias: | -lp |
# Token Commands # Token Commands
| Command:| --add-token Path/To/Token/File [--token-id ID] | | Command:|--add-token Path/To/Token/File [--token-id ID] |
| Description: | Deploy a token onto the current system, with an optional specific ID. | | Description: | Deploy a token onto the current system, with an optional specific ID. |
| Alias: | -at | | Alias: | -at |
>[!NOTE] If [ID] is specified, a pre-existing token with [ID] should not exist. >[!NOTE] If [ID] is specified, a pre-existing token with [ID] should not exist.
| Command:| --remove-token ID | | Command:|--remove-token ID |
| Description: | Remove a Token indicated by ID from the system. | | Description: | Remove a Token indicated by ID from the system. |
| Alias: | -rt | | Alias: | -rt |
| Command:| --list-tokens | | Command:|--list-tokens |
| Description: | Dump information about all tokens on the system | | Description: | Dump information about all tokens on the system |
| Alias: | -lt | | Alias: | -lt |
# Miscellaneous Commands # Miscellaneous Commands
| Command:| --device-id | | Command:|--device-id |
| Description: | Dump the Code Integrity Device Id | | Description: | Dump the Code Integrity Device Id |
| Alias: | -id | | Alias: | -id |
| Command:| --refresh | | Command:|--refresh |
| Description: | Attempt to Refresh CI Policies | | Description: | Attempt to Refresh CI Policies |
| Alias: | -r | | Alias: | -r |
| Command:| --help | | Command:|--help |
| Description: | Display help | | Description: | Display help |
| Alias: | -h | | Alias: | -h |
#Examples #Examples
#Example 1: Update Policy/Deploy #Example 1: Update Policy/Deploy
Extract BF61FE40-8929-4FDF-9EC2-F7A767717F0B.cip into C:\windows\system32 Extract policy file to C:\windows\system32
```powershell ```powershell
PS C:\Users\[USER] cd \windows\system32 PS C:\Users\<USER> cd \windows\system32
PS C:\windows\system32> .\BF61FE40-8929-4FDF-9EC2-F7A767717F0B.cip -up PS C:\windows\system32> .\BF61FE40-8929-4FDF-9EC2-F7A767717F0B.cip -up
C:\Windows\System32>.\CITool.exe -update-policy \windows\system32\BF61FE40-8929-4FDF-9EC2-F7A767717F0B.cip C:\Windows\System32>.\CITool.exe -update-policy \windows\system32\BF61FE40-8929-4FDF-9EC2-F7A767717F0B.cip