Forum Discussion
Endpoint Privilege Management and Windows Terminal
Anyone had issues with using Windows Terminal or the Preview once Endpoint Privilege Management has been enabled? I've got a test rule base at the moment that just does powershell and notepad but now...
That's what I'm looking at now. There seems to be a bunch of weird behaviour when EPM is in the mix. For a start there are multiple processes involved with Windows Terminal (WindowsTerminal.exe, OpenTerminal.exe, conhost.exe, wt.exe) so working out what each thing needs is interesting.
I've removed the powershell rule I had and replaced it with a rule for cmd.exe (just to prove it works now). That seems to be fine, although now I'm getting random cmd processes spawned when I'm not interacting with it or anything else for that matter. I'm going to look at EDR data for my device and see if this is related or just something else I have to find time to look at.
I've removed the powershell rule I had and replaced it with a rule for cmd.exe (just to prove it works now). That seems to be fine, although now I'm getting random cmd processes spawned when I'm not interacting with it or anything else for that matter. I'm going to look at EDR data for my device and see if this is related or just something else I have to find time to look at.
S_Rowell, did you ever get this to work?
- Not that worked completely. I've stuck it on the back burner until I have some real time to investigate it.
- a little bit but not so I have a complete solution. The processes noted above are part of the terminal 'shell' but there are then different processes for old school Windows CMD, Windows Powershell, Powershell 7, WSL and Azure Cloud Shell. I've not got all these working yet. I just wish MS would provide templates for common apps so I don't have to track this stuff or update certs when Windows components change signing certificate.
