How to clear old WDAC policy when new policy not deploying
#detection
$oldcips = Get-ChildItem -Path "C:\Windows\System32\CodeIntegrity\CiPolicies\Active" -Recurse | Where-Object {($_.LastWriteTime -lt (Get-Date).AddDays(-7))}
if ($oldcips) {
Exit 1
} Else {
Exit 0
}
catch{
$errMsg = $_.exeption.essage
Write-Output $errMsg
}#remediation
Get-ChildItem -Path "C:\Windows\System32\CodeIntegrity\CiPolicies\Active" -Recurse | Where-Object {($_.LastWriteTime -lt (Get-Date).AddDays(-7))} | Remove-Item -Force
Loading...