deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 06:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update manage-packaged-apps-with-windows-defender-application-control.md

Browse Source
This commit is contained in:
jsuther1974 2023-03-02 09:48:11 -08:00
parent 272a4eb85a
commit cdc3eb28b0
1 changed files with 3 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md
View File

@ -49,7 +49,6 @@ All of the files that make up an MSIX app are signed with a common catalog signa
#### Create signer rule from MSIX/MSIXBUNDLE #### Create signer rule from MSIX/MSIXBUNDLE
```powershell ```powershell
$Rules = $null
$FilePath = $env:USERPROFILE+'\Downloads\WDACWizard_2.1.0.1_x64_8wekyb3d8bbwe.MSIX' $FilePath = $env:USERPROFILE+'\Downloads\WDACWizard_2.1.0.1_x64_8wekyb3d8bbwe.MSIX'
$Rules = New-CIPolicyRule -DriverFilePath $FilePath -Level Publisher $Rules = New-CIPolicyRule -DriverFilePath $FilePath -Level Publisher
``` ```
@ -59,8 +58,7 @@ Then use the [Merge-CIPolicy](/powershell/module/configci/merge-cipolicy) PowerS
#### Create signer rule from AppxSignature.p7x #### Create signer rule from AppxSignature.p7x
```powershell ```powershell
$Rules = $null $FilePath = $env:ProgramFiles+'\WindowsApps\Microsoft.WDAC.WDACWizard_2.1.0.1_x64__8wekyb3d8bbwe\AppxSignature.p7x'
$FilePath = $env:ProgramFiles++'\WindowsApps\Microsoft.WDAC.WDACWizard_2.1.0.1_x64__8wekyb3d8bbwe\AppxSignature.p7x'
$Rules = New-CIPolicyRule -DriverFilePath $FilePath -Level Publisher $Rules = New-CIPolicyRule -DriverFilePath $FilePath -Level Publisher
``` ```
@ -75,7 +73,6 @@ You can create PFN rules directly from packaged apps that are currently installe
```powershell ```powershell
# Query for the packaged apps. This example looks for all packages from Microsoft. # Query for the packaged apps. This example looks for all packages from Microsoft.
$Packages = Get-AppXPackage -Name Microsoft.* $Packages = Get-AppXPackage -Name Microsoft.*
$Rules = $null
foreach ($Package in $Packages) foreach ($Package in $Packages)
{ {
$Rules += New-CIPolicyRule -Package $Package $Rules += New-CIPolicyRule -Package $Package
@ -94,7 +91,7 @@ Use the following steps to create a WDAC PFN rule for an app that is installed o
2. Check **Usermode Rule** as the Rule Scope, if not checked. 2. Check **Usermode Rule** as the Rule Scope, if not checked.
3. Select either **Allow** or **Deny** for your Rule Action. 3. Select either **Allow** or **Deny** for your Rule Action.
4. Select **Packaged App** for your Rule Type. 4. Select **Packaged App** for your Rule Type.
5. In the **Package Name** field, enter a string value to search. You can use "?" or "\*" wildcards in the search string. Then select **Search**. 5. In the **Package Name** field, enter a string value to search. You can use `?` or `*` wildcards in the search string. Then select **Search**.
6. In the results box, check one or more apps for which you want to create rules. 6. In the results box, check one or more apps for which you want to create rules.
7. Select **Create Rule**. 7. Select **Create Rule**.
8. Create any other rules desired, then complete the Wizard. 8. Create any other rules desired, then complete the Wizard.
@ -107,7 +104,7 @@ Use the following steps to create a PFN rule with a custom string value:
1. Repeat steps 1-4 in the previous example. 1. Repeat steps 1-4 in the previous example.
2. Check the box labeled **Use Custom Package Family**. The *Search* button label changes to *Create*. 2. Check the box labeled **Use Custom Package Family**. The *Search* button label changes to *Create*.
3. In the **Package Name** field, enter a string value for your PFN rule. You can use "?" or "\*" wildcards if targeting Windows 11 devices. Then select **Create** 3. In the **Package Name** field, enter a string value for your PFN rule. You can use `?` or `*` wildcards if targeting Windows 11 devices. Then select **Create**
4. In the results box, check one or more apps for which you want to create rules. 4. In the results box, check one or more apps for which you want to create rules.
5. Select **Create Rule**. 5. Select **Create Rule**.
6. Create any other rules desired, then complete the Wizard. 6. Create any other rules desired, then complete the Wizard.