WDAC policy ignored
#540
Replies: 1 comment
-
|
Only signed policies go to the EFI partition. Use the CiTool.exe for deploying CIP files, it automatically chooses best place to deploy the signed/unsigned CIP files. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Generated a non-signed MPF policy and copied to the C:\Windows\System32\CodeIntegrity\CiPolicies\Active directory and it gets activated. Same policy moved to the EFI partition gets evaluated, according to eventlog, but 3103 ignored. Is there a way to debug the reason for the ignore ? Any idea, what might be wrong ?
Deploying a non-signed SPF to EFI via GPO works
Beta Was this translation helpful? Give feedback.
All reactions