Merge branch 'public' into repo_sync_working_branch

2025-06-24 14:53:44 +00:00 · 2019-12-20 14:23:03 -08:00
parent b94487b2fc d85ece3a95
commit e7109d649d
26 changed files with 59 additions and 36 deletions
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
+++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md
@ -27,7 +27,8 @@ ms.date: 05/17/2018
 -   Windows 10
 -   Windows Server 2016

-You can use Microsoft Intune to configure Windows Defender Application Control (WDAC). You can configure Windows 10 client computers to only run Windows components and Microsoft Store apps, or let them also run reputable apps defined by the Intelligent Security Graph.
+
+You can use Microsoft Intune to configure Windows Defender Application Control (WDAC). You can either configure an Endpoint Protection profile for WDAC, or create a custom profile with an OMA-URI setting. By using an Endpoint Protection profile, you can configure Windows 10 client computers to only run Windows components and Microsoft Store apps, or let them also run reputable apps as defined by the Intelligent Security Graph.

 1. Open the Microsoft Intune portal and click **Device configuration** > **Profiles** > **Create profile**.

@ -41,3 +42,5 @@ You can use Microsoft Intune to configure Windows Defender Application Control (
   - **Trust apps with good reputation**: Select **Enable** to allow reputable apps as defined by the Intelligent Security Graph to run in addition to Windows components and Store apps.

   ![Configure WDAC](images/wdac-intune-wdac-settings.png)
+   
+To add a custom profile with an OMA-URI see, [Use custom settings for Windows 10 devices in Intune](https://docs.microsoft.com/en-us/intune/configuration/custom-settings-windows-10).