Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New-CIPolicyRule cannot accept single files in user mode #3293

Open
timbrigham-oc opened this issue Mar 23, 2023 · 1 comment
Open

New-CIPolicyRule cannot accept single files in user mode #3293

timbrigham-oc opened this issue Mar 23, 2023 · 1 comment
Assignees
@scanum
Labels
area-configci Issues for configci module doc-bug For Upwork freelance team categories/reporting.

Comments

@timbrigham-oc
Copy link

If attempting to create a new rule for a specific file in a folder (say one specific binary out of C:\Windows\system32, my specific use case) there is no ready way to inform New-CIPolicyRule that the -DriverFiles argument that will accept a list of raw file names, or a single raw file name needs to have the UserMode flag set.

For example:

New-CiPolicyRule -DriverFiles $createdFromDriverScan[1] -Level Publisher -Fallback Hash
will have UserMode set to true.

The exact same file if passed directly to New-CIPolicyRule:

New-CiPolicyRule -DriverFiles "C:\Temp\helloWorld.ps1" -Level Publisher -Fallback Hash
will have UserMode set to false, with no way to edit it.

I also looked into initializing a custom Microsoft.SecureBoot.UserConfig.DriverFile object so I could set this parameter myself, but there isn't an obvious way to do this.

Document Details

Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.
@scanum scanum self-assigned this Mar 25, 2023
@scanum scanum added the area-configci Issues for configci module label Mar 25, 2023
@scanum scanum added the doc-bug For Upwork freelance team categories/reporting. label Apr 10, 2023
@officedocspr5
Copy link
Collaborator

To make it easier for you to submit feedback on articles on learn.microsoft.com, we're transitioning our feedback system from GitHub Issues to a new experience.

As part of the transition, this GitHub Issue will be moved to a private repository. We're moving Issues to another repository so we can continue working on Issues that were open at the time of the transition. When this Issue is moved, you'll no longer be able to access it.

If you want to provide additional information before this Issue is moved, please update this Issue before December 15th, 2023.

With the new experience, you no longer need to sign in to GitHub to enter and submit your feedback. Instead, you can choose directly on each article's page whether the article was helpful. Then you can then choose one or more reasons for your feedback and optionally provide additional context before you select Submit.

Here's what the new experience looks like.

Note: The new experience is being rolled out across learn.microsoft.com in phases. If you don't see the new experience on an article, please check back later.

First, select whether the article was helpful:

Image showing a dialog asking if the article was helpful with yes and no answers.

Then, choose at least one reason for your feedback and optionally provide additional details about your feedback:

Article was helpful Article was unhelpful
Image showing a dialog asking how the article was helpful with several options. Image showing a dialog asking how the article wasn't helpful with several options.

Finally, select Submit and you're done!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@scanum scanum

Labels
area-configci Issues for configci module doc-bug For Upwork freelance team categories/reporting.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@scanum @timbrigham-oc @officedocspr5