Skip to content

Deploy SignedWDACConfig

Violet Hansen edited this page Nov 4, 2024 · 13 revisions

Deploy-SignedWDACConfig available parameters

How to sign and deploy signed App Control policies

image

Syntax

Deploy-SignedWDACConfig
    -PolicyPaths <FileInfo[]>
    [-Deploy]
    [-CertPath <FileInfo>]
    [-CertCN <String>]
    [-SignToolPath <FileInfo>]
    [-Force]
    [-Confirm]
    [<CommonParameters>]

Description

Creates and signs a .CIP file that can be either deployed locally using the -Deploy parameter or you can deploy the signed policy binary on a different machine later using the built-in Citool, Intune etc.

Parameters

-PolicyPaths

The XML Policies to deploy. Supports File picker GUI.

Type: FileInfo[]
Position: Named
Default value: None
Required: True
Accept pipeline input: False
Accept wildcard characters: False

-CertPath

Path to the certificate .cer file. Press TAB to open the file picker GUI and browse for a .cer file.

Type: FileInfo
Position: Named
Default value: None
Required: False
Automatic: True
Accept pipeline input: False
Accept wildcard characters: False

-CertCN

Common name of the certificate - Supports argument completion so you don't have to manually enter the Certificate's CN, just make sure the -CertPath is specified and the certificate is installed in the personal store of the user certificates, then press TAB to auto complete the name. You can however enter it manually if you want to.

Type: String
Position: Named
Default value: None
Required: False
Automatic: True
Accept pipeline input: False
Accept wildcard characters: False

-SignToolPath

Press TAB to open the file picker GUI and browse for SignTool.exe

Important

Refer to this section for more info

Type: FileInfo
Position: Named
Default value: None
Required: False
Automatic: True
Accept pipeline input: False
Accept wildcard characters: False

-Deploy

Deploys the signed policy on the system

Type: SwitchParameter
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False

-Force

Indicates that the cmdlet won't ask for confirmation and will proceed with deploying the signed policy.

Type: SwitchParameter
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False









C#


Clone this wiki locally