Forum Discussion
Why is WDAC blocking everything.
I have a very new Intune\Entra environment I am using for testing. I've spun up a VM of an early version of Windows 10 so I can test deploying updates from Intune. I also want to test other things ...
Believe reasons below:
- Default WDAC Behavior on Older Windows 10 Builds
Early versions of Windows 10 (especially pre-1903) don’t handle WDAC policies as gracefully. If your VM is running one of these builds, it may interpret Intune’s default security posture as a full block, even if you haven’t explicitly configured WDAC policies. - Intune’s App Control for Business Policies
When a device is onboarded to Intune, it may automatically apply baseline security policies. If the Intune Management Extension isn’t set up as a Managed Installer, apps deployed through Intune won’t be tagged as trusted, and WDAC will block them. - Signed and Reputable Mode
Some WDAC base policies use this mode, which blocks all unsigned or untrusted apps by default. If this was silently applied, it could explain the blanket blocking behavior.