Question on WDAC base policy

N E 51 Reputation points
2022-02-08T17:27:56.933+00:00

Looking to move away from windows 10 with S Mode now that it is no longer supported with windows 11 Education. Would it be possible to add a WDAC base policy to an image sysprep it, deploy the image and from there update the policy from Intune using supplemental policies? Or is it best to have a standard image and apply the policy using Intune from the beginning?

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,211 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Reza-Ameri 14,806 Reputation points
    2022-02-09T16:36:21.937+00:00

    It depends on your requirement and you may do both.
    For example, in case you have static policies with fewer changes and you want to have all policies in place the moment user is using their device, then you may deploy it during imaging. However, in case you are changing and modifying policy and it is fine to deploy policies later, then you may deploy it using Intune.
    It also depends on the usage of the system , for example in case it is personal device connecting to Intune for a while, then you should relay on Intune policy.