Credential Guard

Copper Contributor

I am using the DG_Readiness PowerShell script to enable Credential Guard. The results say it is enabled and running with "Audit Mode" in parenthesis. What does this mean?

5 Replies
That probably refers to another part of Device Guard rather than Credential Guard. Credential Guard does not support an audit mode.
To see if Code Integrity is running in audit (which it does support) try running msinfo32 and looking near the bottom for mentions of audit.
best response confirmed by MichaelMartin (Copper Contributor)

When I use the PowerShell script to enable Credential Guard, then go to GPEdit to view the policy, it is not enabled. Is that by design? I'm still protected, right?

Due to the HW & feature requirements, registry keys can be set and Credential Guard is not running. Group policy is used for configuration but not validation.