Forum Discussion
flychrome
Jun 06, 2023Copper Contributor
WDAC DLL-Blocking
Hi everyone, I am currently trying to implement WDAC with Intune as a managed installer and have followed the documentation (Allow apps deployed with a WDAC managed installer - Windows Security | Microsoft Learn) for this.
This works pretty well so far, most applications that are packaged and deployed via Intune are allowed to run.
What surprises me, though:
In the WDAC policy, I left out policy rule option 19 (Enabled: Dynamic Code Security) because we don't want to block DLLs.
Nevertheless, it happens from time to time that DLLs are blocked. Nevertheless, it happens from time to time that DLLs are blocked. The errors then look like this:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\xxxxx\AppData\Roaming\Autodesk\ADPSDK\bin\AdpSDKUtil.exe) attempted to load \Device\HarddiskVolume3\Users\xxxxxx\AppData\Roaming\Autodesk\ADPSDK\bin\AdpSDKIdentityWrapper.dll that did not meet the Enterprise signing level requirements or violated code integrity policy (Policy ID:{xxxxxxxx).
Is there any way to disable this behavior or have I overlooked something here?
Is it at all possible to disable blocking of DLLs completely?
The AppLocker configuration for the managed installer:
The Rule Options selected in the WDAC Wizard:
- AJParkerCopper ContributorDid you ever find a solution to this issue? I am encountering the same issue, Dynamic Code Security is not enabled, but having DLL files blocked.
- flychromeCopper Contributor
Sorry for the late reply, I had completely forgotten about this post.
The only way we got it to work was to explicitly allow *.dllNot necessarily nice, but it worked without any further problems.
- AJParkerCopper Contributor
So something like this?
<Allow ID="ID_ALLOW_PATH_231321321323" FriendlyName="Allow by path: *.dll" FilePath="*.dll" />
- daonechrisCopper Contributor
I am having the same issues, a lot of the DLLs when doing patching are getting blocked though I have the Dynamic Code Security disabled. This drives me nuts....