From f9b36a8f76d263724c7d6b3bff194acfcea5cdc4 Mon Sep 17 00:00:00 2001 From: Mark Goodman <19527097+silvermarkg@users.noreply.github.com> Date: Thu, 29 Apr 2021 23:04:53 +0100 Subject: [PATCH] Policy GUID needs clarity I think this doc needs some clarity around the Policy GUID value as it is not clear not to include the curly brackets. Although this is shown in the image it can be quite small and difficult to see. I've added a note under the section but there might be a better approach. --- ...ndows-defender-application-control-policies-using-intune.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md index e9fddbd043..7bbc0ca8ab 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md @@ -68,6 +68,9 @@ The steps to use Intune's custom OMA-URI functionality are: > [!div class="mx-imgBorder"] > ![Configure custom WDAC](images/wdac-intune-custom-oma-uri.png) +> [!NOTE] +> For the _Policy GUID_ value do not include the curly brackets. + ### Remove WDAC policies on Windows 10 1903+ Upon deletion, policies deployed through Intune via the ApplicationControl CSP are removed from the system but stay in effect until the next reboot. In order to disable WDAC enforcement, first replace the existing policy with a new version of the policy that will "Allow *", like the rules in the example policy at %windir%\schemas\CodeIntegrity\ExamplePolicies\AllowAll.xml. Once the updated policy is deployed, you can then delete the policy from the Intune portal. This will prevent anything from being blocked and fully remove the WDAC policy on the next reboot.