CompuMetalGeek
diff --git a/‎docset/winserver2022-ps/configci/Add-SignerRule.md‎
Lines changed: 40 additions & 2 deletions b/‎docset/winserver2022-ps/configci/Add-SignerRule.md‎
Lines changed: 40 additions & 2 deletions
diff --git a/‎docset/winserver2022-ps/configci/ConfigCI.md‎
Lines changed: 6 additions & 3 deletions b/‎docset/winserver2022-ps/configci/ConfigCI.md‎
Lines changed: 6 additions & 3 deletions
diff --git a/‎docset/winserver2022-ps/configci/Edit-CIPolicyRule.md‎
Lines changed: 14 additions & 17 deletions b/‎docset/winserver2022-ps/configci/Edit-CIPolicyRule.md‎
Lines changed: 14 additions & 17 deletions
diff --git a/‎docset/winserver2022-ps/configci/Merge-CIPolicy.md‎
Lines changed: 17 additions & 1 deletion b/‎docset/winserver2022-ps/configci/Merge-CIPolicy.md‎
Lines changed: 17 additions & 1 deletion
diff --git a/‎docset/winserver2022-ps/configci/New-CIPolicy.md‎
Lines changed: 107 additions & 8 deletions b/‎docset/winserver2022-ps/configci/New-CIPolicy.md‎
Lines changed: 107 additions & 8 deletions
@@ -15,8 +15,15 @@ Creates a signer rule and adds it to a policy.
 
 ## SYNTAX
 
+### Certificate
 ```
-Add-SignerRule -FilePath <String> -CertificatePath <String> [-Kernel] [-User] [-Update] [-Deny]
+Add-SignerRule -FilePath <String> -CertificatePath <String> [-Kernel] [-User] [-Update] [-Supplemental] [-Deny]
+ [<CommonParameters>]
+```
+
+### CertStore
+```
+Add-SignerRule -FilePath <String> -CertStorePath <String> [-Kernel] [-User] [-Update] [-Supplemental] [-Deny]
  [<CommonParameters>]
 ```
 
@@ -46,7 +53,7 @@ Specifies the path of a certificate (.cer) file that this cmdlet uses for the ru
 
 ```yaml
 Type: String
-Parameter Sets: (All)
+Parameter Sets: Certificate
 Aliases: c
 
 Required: True
@@ -56,6 +63,21 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -CertStorePath
+Specifies the path to a certificate store to export certificates into the policy.
+
+```yaml
+Type: String
+Parameter Sets: CertStore
+Aliases:
+
+Required: True
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -Deny
 Indicates that this cmdlet creates a deny rule instead of the default allow rule.
 
@@ -102,6 +124,22 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -Supplemental
+Indicates that this cmdlet adds the rule as a Supplemental policy signers rule.
+You can add a rule as more than one scenario.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -Update
 Indicates that this cmdlet adds the rule as an Update policy signers rule.
 You can add a rule as more than one scenario.
 
@@ -42,16 +42,19 @@ Combines the rules in several Code Integrity policy files.
 ### [New-CIPolicy](./New-CIPolicy.md)
 Creates a Code Integrity policy as an .xml file.
 
-### [New-CIPolicyRule](./New-CIPolicyRule.md)
-Generates Code Integrity policy rules for drivers.
+### [New-CIPolicyRule](New-CIPolicyRule.md)
+Generates Code Integrity policy rules for user mode code and drivers.
 
 ### [Remove-CIPolicyRule](./Remove-CIPolicyRule.md)
 This cmdlet is not supported.
 
 ### [Set-CIPolicyIdInfo](./Set-CIPolicyIdInfo.md)
 Modifies the name and ID of a Code Integrity policy.
 
-### [Set-CIPolicyVersion](./Set-CIPolicyVersion.md)
+### [Set-CIPolicySetting](Set-CIPolicySetting.md)
+Modifies the SecureSettings within the Code Integrity policy.
+
+### [Set-CIPolicyVersion](Set-CIPolicyVersion.md)
 Updates the version number of the policy.
 
 ### [Set-HVCIOptions](./Set-HVCIOptions.md)
 
@@ -185,12 +185,12 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
-### -RType
+### -RemoveEkus
+
 ```yaml
-Type: String
-Parameter Sets: (All)
-Aliases: t
-Accepted values: Allow, Deny, a, d
+Type: String[]
+Parameter Sets: SignerRule
+Aliases:
 
 Required: False
 Position: Named
@@ -199,13 +199,12 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
-### -RemoveEkus
-
+### -RemoveExceptions
 
 ```yaml
 Type: String[]
 Parameter Sets: SignerRule
-Aliases: 
+Aliases:
 
 Required: False
 Position: Named
@@ -214,13 +213,12 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
-### -RemoveExceptions
-
+### -Root
 
 ```yaml
-Type: String[]
+Type: String
 Parameter Sets: SignerRule
-Aliases: 
+Aliases:
 
 Required: False
 Position: Named
@@ -229,13 +227,12 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
-### -Root
-
-
+### -RType
 ```yaml
 Type: String
-Parameter Sets: SignerRule
-Aliases: 
+Parameter Sets: (All)
+Aliases: t
+Accepted values: Allow, Deny, a, d
 
 Required: False
 Position: Named
 
@@ -16,7 +16,8 @@ Combines the rules in several Code Integrity policy files.
 ## SYNTAX
 
 ```
-Merge-CIPolicy [-OutputFilePath] <String> [-PolicyPaths] <String[]> [-Rules <Rule[]>] [<CommonParameters>]
+Merge-CIPolicy [-OutputFilePath] <String> [-PolicyPaths] <String[]> [-Rules <Rule[]>] [-AppIdTaggingPolicy]
+ [<CommonParameters>]
 ```
 
 ## DESCRIPTION
@@ -89,6 +90,21 @@ For this example, we present only the first few rules.
 
 ## PARAMETERS
 
+### -AppIdTaggingPolicy
+This parameter is reserved for future use.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -OutputFilePath
 Specifies the path of the merged .xml policy file.
 
 
@@ -18,14 +18,18 @@ Creates a Code Integrity policy as an .xml file.
 ### Drivers
 ```
 New-CIPolicy [-FilePath] <String> [-DriverFiles <DriverFile[]>] -Level <RuleLevel> [-Fallback <RuleLevel[]>]
- [-Audit] [-ScanPath <String>] [-ScriptFileNames] [-UserPEs] [-NoScript] [-Deny] [-NoShadowCopy]
- [-OmitPaths <String[]>] [-PathToCatroot <String>] [-MultiplePolicyFormat] [<CommonParameters>]
+ [-Audit] [-ScanPath <String>] [-ScriptFileNames] [-AllowFileNameFallbacks]
+ [-SpecificFileNameLevel <FileNameLevel>] [-UserWriteablePaths] [-UserPEs] [-NoScript] [-Deny] [-NoShadowCopy]
+ [-MultiplePolicyFormat] [-OmitPaths <String[]>] [-PathToCatroot <String>] [-AppIdTaggingPolicy]
+ [-AppIdTaggingKey <String[]>] [-AppIdTaggingValue <String[]>] [<CommonParameters>]
 ```
 
 ### Rules
 ```
-New-CIPolicy [-FilePath] <String> -Rules <Rule[]> [-Audit] [-ScanPath <String>] [-ScriptFileNames] [-UserPEs]
- [-NoScript] [-Deny] [-NoShadowCopy] [-OmitPaths <String[]>] [-PathToCatroot <String>] [-MultiplePolicyFormat] [<CommonParameters>]
+New-CIPolicy [-FilePath] <String> -Rules <Rule[]> [-Audit] [-ScanPath <String>] [-ScriptFileNames]
+ [-AllowFileNameFallbacks] [-SpecificFileNameLevel <FileNameLevel>] [-UserWriteablePaths] [-UserPEs]
+ [-NoScript] [-Deny] [-NoShadowCopy] [-MultiplePolicyFormat] [-OmitPaths <String[]>] [-PathToCatroot <String>]
+ [-AppIdTaggingPolicy] [-AppIdTaggingKey <String[]>] [-AppIdTaggingValue <String[]>] [<CommonParameters>]
 ```
 
 ## DESCRIPTION
@@ -309,6 +313,70 @@ File rule exceptions cannot use the PCA Certificate, Publisher, Signed Version,
 
 ## PARAMETERS
 
+### -AllowFileNameFallbacks
+Indicates that files that do not have an `OriginalFileName` fall back in the following order:
+
+- InternalName
+- FileDescription
+- ProductName
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -AppIdTaggingKey
+This parameter is reserved for future use.
+
+```yaml
+Type: String[]
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -AppIdTaggingPolicy
+This parameter is reserved for future use.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -AppIdTaggingValue
+This parameter is reserved for future use.
+
+```yaml
+Type: String[]
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -Audit
 Indicates that this cmdlet searches the Code Integrity Audit log for drivers.
 It does not perform a full system scan.
@@ -407,6 +475,22 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -MultiplePolicyFormat
+Indicates that this cmdlet should create a policy in multiple policy format as opposed to a single policy format. 
+Refer to [Create WDAC policies in Multiple Policy Format](/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies#creating-wdac-policies-in-multiple-policy-format) for the difference between the policy formats. 
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -NoScript
 Indicates that this cmdlet does not search script files.
 It searches portable executable files (PE files) only.
@@ -525,6 +609,22 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -SpecificFileNameLevel
+Specifies the attribute of the file off which to base a file name rule. The -Level must be set to FileName for this option. Possible values are: None, OriginalFileName, InternalName, FileDescription, ProductName, PackageFamilyName, and FilePath.
+Refer to [File Name Rules Info](/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create#windows-defender-application-control-filename-rules) for a description of the acceptable values.
+
+```yaml
+Type: FileNameLevel
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -UserPEs
 Indicates that this cmdlet includes user-mode files in the scan.
 Specify this parameter only if you do not provide driver files or rules.
@@ -541,14 +641,13 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
-### -MultiplePolicyFormat
-Indicates that this cmdlet should create a policy in multiple policy format as opposed to a single policy format. 
-Refer to [Create WDAC policies in Multiple Policy Format](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies#creating-wdac-policies-in-multiple-policy-format) for the difference between the policy formats. 
+### -UserWriteablePaths
+Indicates that this cmdlet includes files identified as user writeable in the policy.
 
 ```yaml
 Type: SwitchParameter
 Parameter Sets: (All)
-Aliases: None
+Aliases:
 
 Required: False
 Position: Named