< Back
Merge-CIPolicy
Post
NAME Merge-CIPolicy
SYNOPSIS
Combines the rules in several Code Integrity policy files.
SYNTAX
Merge-CIPolicy [-OutputFilePath] <String> [-PolicyPaths] <String[]> [-Rules <Rule[]>] [<CommonParameters>]
DESCRIPTION
The Merge-CIPolicy cmdlet combines the rules in several Code Integrity policy files. This cmdlet creates a single policy .xml file. You can
specify rules to add to the merged list. This cmdlet does not save redundant rules. The cmdlet appends a digit to the IDs of the rules to make the
IDs of the rules unique.
PARAMETERS
-OutputFilePath <String>
Specifies the path of the merged .xml policy file.
Required? true
Position? 1
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-PolicyPaths <String[]>
Specifies an array of paths of the policy .xml files that this cmdlet merges.
Required? true
Position? 2
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-Rules [<Rule[]>]
Specifies an array of Rule objects that this cmdlet adds to the merged policy. To obtain a rule object, use the Get-CIPolicy or
New-CIPolicyRule cmdlets.
Required? false
Position? named
Default value none
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
Rule
This cmdlet returns the rules in the policy that it creates.
Example 1: Merge policies
PS C:\\>Merge-CIPolicy -PolicyPaths '.\\Policy.xml','.\\Policy02.xml' -OutputFilePath '.\\MergedPolicy.xml'
Name : MSIT Test CodeSign CA 3
Id : ID_SIGNER_S_17_0
TypeId : Allow
Root : FA6B9A2230CE08BCA81D096B28CF495672401D3A43A0D285CF352464A6C9C7FD
FileVersionRef :
Wellknown : False
Ekus :
Exceptions :
FileAttributes :
FileException : False
UserMode : False
Name : VeriSign Class 3 Code Signing 2010 CA
Id : ID_SIGNER_S_1D_0
TypeId : Allow
Root : 4843A82ED3B1F2BFBEE9671960E1940C942F688D
FileVersionRef :
Wellknown : False
Ekus :
Exceptions :
FileAttributes :
FileException : False
UserMode : False
Name : Microsoft Windows Third Party Component CA 2012
Id : ID_SIGNER_S_1E_0
TypeId : Allow
Root : CEC1AFD0E310C55C1DCC601AB8E172917706AA32FB5EAF826813547FDF02DD46
FileVersionRef :
Wellknown : False
Ekus :
Exceptions :
FileAttributes :
FileException : False
UserMode : False
Name : \\\\?\\E:\\cmdlets\\temp\\Microsoft.ConfigCI.Commands.dll Hash Sha1
Id : ID_ALLOW_A_49_1
TypeId : Allow
Root :
FileVersionRef :
Wellknown : False
Ekus :
Exceptions :
FileAttributes :
FileException : False
UserMode : False
This command merges policies defined in the two .xml files into a third file, MergedPolicy.xml. The cmdlet appends _0 to ID of the rules from the
first policy, such as ID_SIGNER_S_17_0. It appends _1 to rules from the second policy, such as ID_ALLOW_A_49_1. The command does not include
duplicates. For this example, we present only the first few rules.
RELATED LINKS
Get-CIPolicy
New-CIPolicyRule
SYNOPSIS
Combines the rules in several Code Integrity policy files.
SYNTAX
Merge-CIPolicy [-OutputFilePath] <String> [-PolicyPaths] <String[]> [-Rules <Rule[]>] [<CommonParameters>]
DESCRIPTION
The Merge-CIPolicy cmdlet combines the rules in several Code Integrity policy files. This cmdlet creates a single policy .xml file. You can
specify rules to add to the merged list. This cmdlet does not save redundant rules. The cmdlet appends a digit to the IDs of the rules to make the
IDs of the rules unique.
PARAMETERS
-OutputFilePath <String>
Specifies the path of the merged .xml policy file.
Required? true
Position? 1
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-PolicyPaths <String[]>
Specifies an array of paths of the policy .xml files that this cmdlet merges.
Required? true
Position? 2
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-Rules [<Rule[]>]
Specifies an array of Rule objects that this cmdlet adds to the merged policy. To obtain a rule object, use the Get-CIPolicy or
New-CIPolicyRule cmdlets.
Required? false
Position? named
Default value none
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
Rule
This cmdlet returns the rules in the policy that it creates.
Example 1: Merge policies
PS C:\\>Merge-CIPolicy -PolicyPaths '.\\Policy.xml','.\\Policy02.xml' -OutputFilePath '.\\MergedPolicy.xml'
Name : MSIT Test CodeSign CA 3
Id : ID_SIGNER_S_17_0
TypeId : Allow
Root : FA6B9A2230CE08BCA81D096B28CF495672401D3A43A0D285CF352464A6C9C7FD
FileVersionRef :
Wellknown : False
Ekus :
Exceptions :
FileAttributes :
FileException : False
UserMode : False
Name : VeriSign Class 3 Code Signing 2010 CA
Id : ID_SIGNER_S_1D_0
TypeId : Allow
Root : 4843A82ED3B1F2BFBEE9671960E1940C942F688D
FileVersionRef :
Wellknown : False
Ekus :
Exceptions :
FileAttributes :
FileException : False
UserMode : False
Name : Microsoft Windows Third Party Component CA 2012
Id : ID_SIGNER_S_1E_0
TypeId : Allow
Root : CEC1AFD0E310C55C1DCC601AB8E172917706AA32FB5EAF826813547FDF02DD46
FileVersionRef :
Wellknown : False
Ekus :
Exceptions :
FileAttributes :
FileException : False
UserMode : False
Name : \\\\?\\E:\\cmdlets\\temp\\Microsoft.ConfigCI.Commands.dll Hash Sha1
Id : ID_ALLOW_A_49_1
TypeId : Allow
Root :
FileVersionRef :
Wellknown : False
Ekus :
Exceptions :
FileAttributes :
FileException : False
UserMode : False
This command merges policies defined in the two .xml files into a third file, MergedPolicy.xml. The cmdlet appends _0 to ID of the rules from the
first policy, such as ID_SIGNER_S_17_0. It appends _1 to rules from the second policy, such as ID_ALLOW_A_49_1. The command does not include
duplicates. For this example, we present only the first few rules.
RELATED LINKS
Get-CIPolicy
New-CIPolicyRule