Skip to content

CLM Support #929

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
timbrigham-oc wants to merge 1,829 commits into from
Closed

CLM Support #929

timbrigham-oc wants to merge 1,829 commits into from

Conversation

@timbrigham-oc
Copy link

@timbrigham-oc timbrigham-oc commented May 1, 2025

Proposed Changes

Support PowerShell CLM mode during installation process.

Related Issues

Former pull request on this same issue here,
#786
#783

dependabot bot and others added 30 commits September 23, 2024 06:29
@dependabot
Bump peter-evans/create-pull-request from 6.1.0 to 7.0.5
5da58fd 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.1.0 to 7.0.5.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@c5a7806...5e91468)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@Romanitho
Setting ACL
c83f030
@Romanitho
Delete Invoke-DirProtect.ps1
997779e
@Romanitho
Merge pull request Romanitho#712 from Romanitho/security
8a03d3f 
Security
@Romanitho
Merge pull request Romanitho#710 from Romanitho/dependabot/github_act…
a7d842a 
…ions/peter-evans/create-pull-request-7.0.5

Bump peter-evans/create-pull-request from 6.1.0 to 7.0.5
@Romanitho
Merge branch 'main' into v2-MSI
ccc29cd
@Romanitho
Merge pull request Romanitho#697 from Romanitho/v2-MSI
e9ddb67 
V2 msi
@Romanitho
Update README.md
c477bfe
@KnifMelti
WayBackMachine
b5f0d64
@Romanitho
Merge pull request Romanitho#713 from KnifMelti/READMELink
b8e8781 
WayBackMachine
@Romanitho
Release details
7f047f9
@Romanitho
Merge pull request Romanitho#714 from Romanitho/release-details
b247463 
Release details
@Romanitho
Update README.md
42b02ff
@Romanitho
Add V1 builder for hotfixes
966eca0
@Romanitho
Delete .github/workflows/WAU-CreateV1Release.yml
633f56a
@Romanitho
Update WAU-CreateV1Release.yml
1fd4e03
@Romanitho
change wau.zip dependance to 1.21.11
803893c
@Romanitho
Merge pull request Romanitho#719 from Romanitho/update-zip
4f6f97c 
change wau.zip dependance to 1.21.11
@Romanitho
Update WAU-ReleaseBuilder.yml
16fe860
@Romanitho
Merge pull request Romanitho#721 from Romanitho/update-wau.zip-link
17254f1 
Update WAU.zip link
@Romanitho
update wau.zip link to 1.21.13
6bd5a8b
@Romanitho
Merge pull request Romanitho#723 from Romanitho/link
1163799 
update wau.zip link to 1.21.13
@Romanitho
Change `t to spaces for CMTrace
b568bb1
@Romanitho
Merge pull request Romanitho#724 from Romanitho/log
11274e0 
Change `t to spaces for CMTrace
@Romanitho
copy mods from current location
6de0916
@Romanitho
Update WAU-MSI_Actions.ps1
0cf8ca2
@Romanitho
remove mods on uninstall
4095e12
@Romanitho
Merge pull request Romanitho#725 from Romanitho/mods
fb6ebdc 
Add mods on WAU.msi install
@a-mnich
fix typo in installer
620c007
@Romanitho
Merge pull request Romanitho#729 from a-mnich/installer-typo
0c9b8e7 
fix `Success only` typo in installer
Romanitho and others added 27 commits March 15, 2025 12:17
@Romanitho
Merge pull request Romanitho#888 from Romanitho/main
9affe62 
[README] Put screenshot back
@Romanitho
Merge pull request Romanitho#886 from KnifMelti/hotfix/trimraw
829d98d 
Get-Content TRIM for -override/-custom
@Romanitho
documentation
987c85f
@Romanitho
Full GPO/Intune doc
0277e04
@Romanitho
Update README.md
a76d5eb
@Romanitho
Update README.md
a6ceaea
@Romanitho
Update README.md
4b6a0c4
@Romanitho @github-actions
[MegaLinter] Apply linters automatic fixes
0c99604
@Romanitho
Merge pull request Romanitho#889 from Romanitho/feature/clean
16a5695 
[README] Cleaning and GPO/Intune dedicated section
@Romanitho
Update cspell.json
2cd59bf
@Romanitho
word mods
ca09028
@Romanitho
mods
23f8f57
@Romanitho
Merge pull request Romanitho#891 from Romanitho/create-pull-request/p…
1450dc1 
…atch

[MegaLinter] Apply linters automatic fixes
@Romanitho
Update GitFlow_Nightly-builds.yml
62b55d2
@Romanitho
Update GitFlow_Nightly-builds.yml
c94bbff
@Romanitho
Fix nightly build tag creation from develop
9f00859
@Romanitho
Update README.md
2f229a2
@KnifMelti
implementing solution from Andrzej Demski
cb30d2d
@Romanitho
Merge pull request Romanitho#898 from KnifMelti/feature/cimstore
f50579d 
Get-CimInstance instead of Get-WmiObject
@AndrewDemski-ad-gmail-com
Update cspell.json
1a35f6f 
Added more words to ignore list to suppress Megalinter/scpell.
@Romanitho
Merge pull request Romanitho#899 from AndrewDemski-ad-gmail-com/develop
02c5a91 
Update cspell.json
@dependabot
Bump oxsecurity/megalinter from 8.4.2 to 8.5.0
a651943 
Bumps [oxsecurity/megalinter](https://github.com/oxsecurity/megalinter) from 8.4.2 to 8.5.0.
- [Release notes](https://github.com/oxsecurity/megalinter/releases)
- [Changelog](https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md)
- [Commits](oxsecurity/megalinter@ec124f7...1463330)

---
updated-dependencies:
- dependency-name: oxsecurity/megalinter
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@Romanitho
Merge pull request Romanitho#900 from Romanitho/dependabot/github_act…
5d98d52 
…ions/develop/oxsecurity/megalinter-8.5.0

Bump oxsecurity/megalinter from 8.4.2 to 8.5.0
@Romanitho
Merge branch 'main' into release/2.4.0
b4fd1c1
@Romanitho
Merge pull request Romanitho#910 from Romanitho/release/2.4.0
b98f2dc 
Release 2.4.0
@Romanitho
secrets.PAT
ddac9b5
@timbrigham-oc
Merge branch 'Romanitho:main' into clm-support
bc8c453
@AndrewDemski-ad-gmail-com
Copy link
Contributor

AndrewDemski-ad-gmail-com commented May 2, 2025

Hi Tim,
quick question.
Why would this workaround be required?

WAU gets installed in admin context and such is not ANNOYED by CLM anyway.
Yes I am a big fan of AppLocker which just works (tm).
CLM make sense only in User context in cooperation with other protective measures.
If CLM is used then I guess that environment is already fully managed and user-side installations are most likely disallowed.

Please bear in mind that WAU is constantly evolving, relying on CLM to keep up with unknown changes to make it usable is rather tedious, manual task I wish to nobody.

E.g. ideal torture would include CLM in all contexts and WDAC control over everything :)
Suddenly the benefits of simple WDAC management over AppLocker are diminishing.

HA! That would be a cruelty to IT staff.

BR
AD

@Romanitho Romanitho closed this Dec 19, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

10 participants

@timbrigham-oc @AndrewDemski-ad-gmail-com @Romanitho @KnifMelti @a-mnich @FaserF @kreativekrise @jmkloz @Senteevs @actions-user