Set-CiRuleOptions available parameters¶
Syntax¶
Set-CiRuleOptions
-FilePath <FileInfo>
[-Template <String>]
[-RulesToAdd <String[]>]
[-RulesToRemove <String[]>]
[-RequireWHQL <Boolean>]
[-EnableAuditMode <Boolean>]
[-DisableFlightSigning <Boolean>]
[-RequireEVSigners <Boolean>]
[-ScriptEnforcement <Boolean>]
[-TestMode <Boolean>]
[-RemoveAll]
[<CommonParameters>]
Description¶
Configures the Policy rule options in a given XML file and sets the HVCI to Strict in the output XML file. It offers many ways to configure the policy rule options in a given XML file.
All of its various parameters provide the flexibility that ensures only one pass is needed to configure the policy rule options.
Tip
First the template is processed, then the individual boolean parameters, and finally the individual rules to add and remove.
Parameters¶
-FilePath¶
The path to the XML file that contains the WDAC Policy.
Type: | FileInfo |
---|---|
Aliases: | MDELogs |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Template¶
Specifies the template to use for the CI policy rules.
Type: | String |
---|---|
Position: | Named |
Accepted values: | Base , BaseISG , BaseKernel , Supplemental |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RulesToAdd¶
Specifies the rule options to add to the policy XML file. Supports auto tab-completion so you don't need to type them manually.
Note
If a rule option is already selected by the RulesToRemove parameter, it won't be suggested by the argument completer of this parameter.
Type: | String[] |
---|---|
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RulesToRemove¶
Specifies the rule options to remove from the policy XML file. Supports auto tab-completion so you don't need to type them manually.
Note
If a rule option is already selected by the RulesToAdd parameter, it won't be suggested by the argument completer of this parameter.
Type: | String[] |
---|---|
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RequireWHQL¶
Specifies whether to require WHQL signatures for all drivers.
Type: | BooleanParameter |
---|---|
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-EnableAuditMode¶
Specifies whether to enable audit mode.
Type: | BooleanParameter |
---|---|
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DisableFlightSigning¶
Specifies whether to disable flight signing.
Type: | BooleanParameter |
---|---|
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RequireEVSigners¶
Specifies whether to require EV signers.
Type: | BooleanParameter |
---|---|
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ScriptEnforcement¶
Specifies whether to disable script enforcement
Type: | BooleanParameter |
---|---|
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-TestMode¶
Specifies whether to enable Enabled:Boot Audit on Failure and Enabled:Advanced Boot Options Menu rule options in the policy XML file.
Type: | BooleanParameter |
---|---|
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RemoveAll¶
Removes all the existing rule options from the policy XML file.
Type: | SwitchParameter |
---|---|
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |