Additional Script Updates

Andrew Amason
2025-05-19 15:19:36 -04:00
parent ec2b22290a
commit 9c8438d7d1
136 changed files with 1595 additions and 0 deletions


@@ -0,0 +1,12 @@
# Detection Script: Detect_WDAC.ps1
# Check if WDAC is enabled
$wdacStatus = Get-CimInstance -ClassName Win32_DeviceGuard -Namespace root\Microsoft\Windows\DeviceGuard
if ($wdacStatus.SecurityServicesConfigured -contains 2 -and $wdacStatus.SecurityServicesRunning -contains 2) {
Write-Output "WDAC is enabled."
exit 0
} else {
Write-Output "WDAC is not enabled."
exit 1
}
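Review bot: The condition tests `SecurityServicesConfigured` and `SecurityServicesRunning` for the value 2, which in `Win32_DeviceGuard` denotes hypervisor-protected code integrity (HVCI / memory integrity), not a WDAC policy, so the script reports HVCI state under a WDAC label. A device with an enforced WDAC policy but HVCI off would be flagged non-compliant, and since the paired remediation script does not touch HVCI, remediation would presumably keep re-running without ever turning the check green. The same class exposes `CodeIntegrityPolicyEnforcementStatus` (and `UsermodeCodeIntegrityPolicyEnforcementStatus`), where 2 means enforced and 1 means audit; consider `if ($wdacStatus.CodeIntegrityPolicyEnforcementStatus -eq 2) {`. It would also help to handle a null `$wdacStatus` explicitly, so that a failed CIM query is distinguishable from "not enabled".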


@@ -0,0 +1,13 @@
# Remediation Script: Remediate_WDAC.ps1
# Define the path to the WDAC policy binary file
$policyBinaryPath = "C:\Path\To\Your\Policy.cip"
# Copy the policy binary to the correct location
$destinationFolder = "$env:windir\System32\CodeIntegrity\CIPolicies\Active\"
Copy-Item -Path $policyBinaryPath -Destination $destinationFolder
# Enable WDAC policy
Start-Process -FilePath "powershell.exe" -ArgumentList "-Command", "ciTool.exe --update-policy $policyBinaryPath" -NoNewWindow -Wait
Write-Output "WDAC policy has been applied. A system reboot is required for changes to take effect."
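Review bot: The final `Write-Output` reports that the policy has been applied unconditionally: neither `Copy-Item` nor the `Start-Process` call is checked, and `$policyBinaryPath` is still the placeholder `C:\Path\To\Your\Policy.cip`, so a missing file or a CiTool failure is reported as success with exit code 0. Wrapping CiTool in a nested `powershell.exe -Command` string also interpolates the path unquoted into a command line, which breaks on spaces and would become command injection if the path were ever supplied from outside; invoking `CiTool.exe` directly and checking `$LASTEXITCODE` avoids both. Because this file defines what code the machine will trust, the source should be an admin-only-writable location and the binary pinned by hash before it is deployed. Separately, files under `CIPolicies\Active` are normally named `{PolicyId}.cip`, so confirm that the copied file name matches the policy's GUID.

```powershell
# … unchanged: $policyBinaryPath and $destinationFolder definitions …
$expectedSha256 = '<EXPECTED_POLICY_SHA256>'   # placeholder: pin the reviewed policy build
try {
    $actual = (Get-FileHash -LiteralPath $policyBinaryPath -Algorithm SHA256 -ErrorAction Stop).Hash
    if ($actual -ne $expectedSha256) { throw "Policy hash mismatch: $actual" }
    Copy-Item -LiteralPath $policyBinaryPath -Destination $destinationFolder -ErrorAction Stop
    # Direct invocation passes the path as one argument and exposes the exit code
    & CiTool.exe --update-policy $policyBinaryPath
    if ($LASTEXITCODE -ne 0) { throw "CiTool exited with code $LASTEXITCODE" }
} catch {
    Write-Output "WDAC remediation failed: $_"
    exit 1
}
# … unchanged: success message …
```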