deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-17 11:23:45 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update citool-commands.md

Browse Source
This commit is contained in:
valemieux
2022-09-15 06:06:46 -07:00
parent eadad34b16
commit 5090368490
1 changed files with 54 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

108
windows/security/threat-protection/windows-defender-application-control/citool-commands.md
View File

@ -19,20 +19,20 @@ This article will describe how to use CI Tool to update and manage policies. CI
| Command | Description | Alias | | Command | Description | Alias |
|--------|---------|---------| |--------|---------|---------|
| --update-policy /Path/To/Policy/File | Add or update a policy on the current system | -up | | --update-policy </Path/To/Policy/File> | Add or update a policy on the current system | -up |
| --remove-policy PolicyGUID | Remove a policy indicated by PolicyGUID from the system | -rp | | --remove-policy <PolicyGUID> | Remove a policy indicated by PolicyGUID from the system | -rp |
| --list-policies | Dump information about all policies on the system, whether they are active or not | -lp | | --list-policies | Dump information about all policies on the system, whether they are active or not | -lp |
## Token Commands ## Token Commands
| Command | Description | Alias | | Command | Description | Alias |
|--------|---------|---------| |--------|---------|---------|
| --add-token Path/To/Token/File [--token-id ID] | Deploy a token onto the current system, with an optional specific ID. | -at | | --add-token <Path/To/Token/File> <--token-id ID> | Deploy a token onto the current system, with an optional specific ID. | -at |
| --remove-token ID | Remove a Token indicated by ID from the system. | -rt | | --remove-token <ID> | Remove a Token indicated by ID from the system. | -rt |
| --list-tokens | Dump information about all tokens on the system | -lt | | --list-tokens | Dump information about all tokens on the system | -lt |
>[!NOTE] >[!NOTE]
>Regarding --add-token, if [ID] is specified, a pre-existing token with [ID] should not exist. >Regarding --add-token, if <ID> is specified, a pre-existing token with <ID> should not exist.
## Miscellaneous Commands ## Miscellaneous Commands
@ -46,58 +46,58 @@ This article will describe how to use CI Tool to update and manage policies. CI
1. Deploy a WDAC policy onto the system 1. Deploy a WDAC policy onto the system
```powershell ```powershell
PS C:\Users\[USER] CITool --update-policy "\Windows\Temp\{BF61FE40-8929-4FDF-9EC2-F7A767717F0B}.cip" PS C:\Users\<USER> CITool --update-policy "\Windows\Temp\{BF61FE40-8929-4FDF-9EC2-F7A767717F0B}.cip"
Operation Successful Operation Successful
Press Enter to Continue Press Enter to Continue
``` ```
2. Refresh the WDAC policies 2. Refresh the WDAC policies
```powershell ```powershell
PS C:\Users\[USER] CITool --refresh PS C:\Users\<USER> CITool --refresh
Operation Successful Operation Successful
``` ```
3. Remove a specific WDAC policy by its policy ID 3. Remove a specific WDAC policy by its policy ID
```powershell ```powershell
PS C:\Users\[USER] CiTool --remove-policy "{BF61FE40-8929-4FDF-9EC2-F7A767717F0B}" PS C:\Users\<USER> CiTool --remove-policy "{BF61FE40-8929-4FDF-9EC2-F7A767717F0B}"
Operation Successful Operation Successful
Press Enter to Continue Press Enter to Continue
``` ```
4. Display the help menu 4. Display the help menu
```powershell ```powershell
PS C:\Users\[USER] CITool -h PS C:\Users\<USER> CITool -h
----------------------------- Policy Commands --------------------------------- ----------------------------- Policy Commands ---------------------------------
--update-policy /Path/To/Policy/File --update-policy /Path/To/Policy/File
Add or update a policy on the current system Add or update a policy on the current system
aliases: -up aliases: -up
--remove-policy PolicyGUID --remove-policy PolicyGUID
Remove a policy indicated by PolicyGUID from the system Remove a policy indicated by PolicyGUID from the system
aliases: -rp aliases: -rp
--list-policies --list-policies
Dump information about all policies on the system, whether they be active or not Dump information about all policies on the system, whether they be active or not
aliases: -lp aliases: -lp
----------------------------- Token Commands --------------------------------- ----------------------------- Token Commands ---------------------------------
--add-token Path/To/Token/File [--token-id ID] --add-token Path/To/Token/File <--token-id ID>
Deploy a token onto the current system, with an optional specific ID Deploy a token onto the current system, with an optional specific ID
If [ID] is specified, a pre-existing token with [ID] should not exist. If <ID> is specified, a pre-existing token with <ID> should not exist.
aliases:-at aliases:-at
--remove-token ID --remove-token ID
Remove a Token indicated by ID from the system. Remove a Token indicated by ID from the system.
aliases: -rt aliases: -rt
--list-tokens --list-tokens
Dump information about all tokens on the system Dump information about all tokens on the system
aliases: -lt aliases: -lt
----------------------------- Misc Commands --------------------------------- ----------------------------- Misc Commands ---------------------------------
--device-id --device-id
Dump the Code Integrity Device Id Dump the Code Integrity Device Id
aliases: -id aliases: -id
--refresh --refresh
Attempt to Refresh CI Policies Attempt to Refresh CI Policies
aliases: -r aliases: -r
--help --help
Display this message Display this message
aliases: -h aliases: -h
``` ```