Skip to content

New SupplementalWDACConfig

HotCakeX edited this page May 13, 2023 · 28 revisions

Available Parameters of New-SupplementalWDACConfig


New-SupplementalWDACConfig -Normal

image

New-SupplementalWDACConfig [-Normal] -ScanLocation <String> -SuppPolicyName <String> -PolicyPath <String>
[-Deployit] [-AllowFileNameFallbacks] [-SpecificFileNameLevel <String>] [-NoUserPEs] [-NoScript] [-Level <String>]
[-Fallbacks <String[]>]

Creates a normal Supplemental policy for a base policy.

Requires 3 mandatory parameters

  • -ScanLocation <String>: The directory or drive that you want to scan for files that will be allowed to run by the Supplemental policy.

  • -SuppPolicyName <String>: Add a descriptive name for the Supplemental policy. Accepts only alphanumeric and space characters.

  • -PolicyPaths <String[]>: Browse for the xml file of the Base policy this Supplemental policy is going to expand. Supports tab completion by showing only .xml files with Base Policy Type.

Has 7 optional parameter

  • -Deployit: Indicates that the module will automatically deploy the Supplemental policy after creation.

  • -Levels <String>: Offers the same official Levels for scanning of the specified directory path. If no level is specified the default, which is set to FilePublisher in this module, will be used.

  • -Fallbacks <String[]>: Offers the same official Fallbacks for scanning of the specified directory path. If no fallbacks is specified the default, which is set to Hash in this module, will be used.

  • -AllowFileNameFallbacks: More info available on Microsoft Learn

  • -SpecificFileNameLevel: You can choose one of the following options: "OriginalFileName", "InternalName", "FileDescription", "ProductName", "PackageFamilyName", "FilePath". More info available on Microsoft Learn

  • -NoUserPEs: By default the module includes user PEs in the scan, but when you use this switch parameter, they won't be included. More info available on Microsoft Learn

  • -NoScript: More info available on Microsoft Learn

The outputs of the parameter are

  • SupplementalPolicy<Custom Name>.xml
  • {GUID}.cip



New-SupplementalWDACConfig -FilePathWildCards

image

New-SupplementalWDACConfig [-FilePathWildCards] -WildCardPath <String> -SuppPolicyName <String> -PolicyPath
<String> [-Deployit]

Creates a Supplemental policy that allows a file path that includes one or more wildcard * character in it.

Requires 3 mandatory parameters

  • -WildCardPath: A file path that includes at least one wildcard * character and ends with a \.

  • -SuppPolicyName <String>: Add a descriptive name for the Supplemental policy. Accepts only alphanumeric and space characters.

  • -PolicyPath: Browse for the xml file of the Base policy this Supplemental policy is going to expand. Supports tab completion by showing only .xml files with Base Policy Type.

Has 1 optional parameter

  • -Deployit: Indicates that the module will automatically deploy the Supplemental policy after creation.

The outputs of the parameter are

  • SupplementalPolicy<Custom Name>.xml
  • {GUID}.cip



New-SupplementalWDACConfig -InstalledAppXPackages

image

New-SupplementalWDACConfig [-InstalledAppXPackages] -PackageName <String> -SuppPolicyName <String> -PolicyPath
<String> [-Deployit]

Creates a Supplemental policy based on the package name of an installed app.

More information at Microsoft Learn

Requires 3 mandatory parameters

  • -PackageName: Enter the package name of an installed app. Supports wildcard * character. e.g, *Edge* or "*Microsoft*".

  • -SuppPolicyName <String>: Add a descriptive name for the Supplemental policy. Accepts only alphanumeric and space characters.

  • -PolicyPath: Browse for the xml file of the Base policy this Supplemental policy is going to expand. Supports tab completion by showing only .xml files with Base Policy Type.

Has 1 optional parameter

  • -Deployit: Indicates that the module will automatically deploy the Supplemental policy after creation.

The outputs of the parameter are

  • SupplementalPolicy<Custom Name>.xml
  • {GUID}.cip









C#


Clone this wiki locally