Hey Yevhen UK
Let me help you, if you eant to configure WDAC policies to allow PowerShell
Start with Using the Get-RuleOption
cmdlet to identify the specific rules associated with PowerShell and constrained language mode.
Get-RuleOption -FilePath [path to the XML policy] -Id 4101, 4102, 4103
This will show you the current rules associated with PowerShell in your WDAC policy.
Now Use the Set-RuleOption
cmdlet to modify specific rule options. For example, you might change the EnforcementMode
to "Audit" for PowerShell rules to allow monitoring without blocking.
Set-RuleOption -FilePath [path to the XML policy] -Id 4101, 4102, 4103 -Option 11 -Value 0
This sets the enforcement mode for the identified rules to "Audit" (0), allowing you to monitor without blocking.
If this helps kindly accept the answer thanks very much.