Set-CIPolicySetting
Modifies the SecureSettings within the Code Integrity policy.
Syntax
Set-CIPolicySetting
[-FilePath] <String>
-Provider <String>
-Key <String>
-ValueName <String>
-ValueType <String>
-Value <String>
[<CommonParameters>] Set-CIPolicySetting
[-FilePath] <String>
-Provider <String>
-Key <String>
-ValueName <String>
[-Delete]
[<CommonParameters>] Description
The Set-CIPolicySetting cmdlet modifies the Secure Settings within a Code Integrity policy. Specify the .xml file of the policy to modify. Secure Settings are queried by Windows APIs to set security behaviors.
Examples
Example 1: Set the Code Integrity policy
Set-CIPolicySetting -FilePath C:\Policies\WDAC_policy.xml -Key "{12345678-9abc-def0-1234-56789abcdef0}" -Provider WSH -Value $True -ValueName EnterpriseDefinedClsId -ValueType BooleanThis command sets the Code Integrity policy to allow for the specified Provider, Key and ValueName.
Parameters
-Delete
Indicates that this cmdlet removes a Secure Setting from the Code Integrity policy identified by Provider, Key and ValueName.
| Type: | SwitchParameter |
| Aliases: | d |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-FilePath
Specifies the full path of the policy .xml file.
| Type: | String |
| Aliases: | f |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Key
Specifies the Secure Setting key. The key is the GUID of the program to run in this format:
{33333333-4444-4444-1616-161616161616}
| Type: | String |
| Aliases: | k |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Provider
Specifies the Secure Setting provider. The provider is the platform on which the code runs.
| Type: | String |
| Aliases: | p |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Value
Specifies the Secure Setting value.
Specify $True to allow or $False to deny.
Specify $False, or deny, only for base policies, not supplemental policies.
| Type: | String |
| Aliases: | v |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ValueName
Specifies the value name.
| Type: | String |
| Aliases: | vn |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ValueType
Specifies the value type. Valid values are:
- Boolean
- DWord
- Binary
- String
| Type: | String |
| Aliases: | vt |
| Accepted values: | Boolean, DWord, Binary, String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
None