Question on WDAC base policy

N E 56 Reputation points

Looking to move away from windows 10 with S Mode now that it is no longer supported with windows 11 Education. Would it be possible to add a WDAC base policy to an image sysprep it, deploy the image and from there update the policy from Intune using supplemental policies? Or is it best to have a standard image and apply the policy using Intune from the beginning?

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,747 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Reza-Ameri 16,831 Reputation points

    It depends on your requirement and you may do both.
    For example, in case you have static policies with fewer changes and you want to have all policies in place the moment user is using their device, then you may deploy it during imaging. However, in case you are changing and modifying policy and it is fine to deploy policies later, then you may deploy it using Intune.
    It also depends on the usage of the system , for example in case it is personal device connecting to Intune for a while, then you should relay on Intune policy.

    0 comments No comments