2.1 KiB
title, description, ms.assetid, ms.prod, ms.mktglfcycl, ms.sitesec, ms.pagetype, author, ms.date
| title | description | ms.assetid | ms.prod | ms.mktglfcycl | ms.sitesec | ms.pagetype | author | ms.date |
|---|---|---|---|---|---|---|---|---|
| Deploy Windows Defender Application Control (WDAC) policies by using Microsoft Intune (Windows 10) | Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core. | 8d6e0474-c475-411b-b095-1c61adb2bdbb | w10 | deploy | library | security | jsuther1974 | 02/28/2018 |
Deploy Windows Defender Application Control policies by using Microsoft Intune
Applies to:
- Windows 10
- Windows Server 2016
You can apply Windows Defender Application Control (WDAC) to Windows 10 client computers using Microsoft Intune.
-
Open the Microsoft Intune portal and click Create a compliance policy.
-
Click Create Policy.
-
Type a name for the new policy and for Platform, select Windows 10 and later.
-
Click Device Health, select Require for the following settings and then click OK:
- Require BitLocker
- Require Secure Boot to be enabled on the device
- Require code integrity
-
Click Device Properties, configure any operating system version requirements and then click OK.
-
Click System Security, select any security options to include in the policy and then click OK.
-
When you finish configuring settings, click OK and then click Create.
-
Click Assignments.
-
Select any mutually exclusive groups to include or exclude from the policy, or assign it to All users, and then click Save.
