Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?xml version="1.0" encoding="utf-8"?>
- <SiPolicy xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" PolicyType="Base Policy" xmlns="urn:schemas-microsoft-com:sipolicy">
- <VersionEx>10.0.0.5</VersionEx>
- <PlatformID>{2E07F7E4-194C-4D20-B7C9-6F44A6C5A234}</PlatformID>
- <PolicyID>{C6990F81-CC77-4313-9D4A-8DD6103A7035}</PolicyID>
- <BasePolicyID>{C6990F81-CC77-4313-9D4A-8DD6103A7035}</BasePolicyID>
- <Rules>
- <Rule>
- <Option>Enabled:Unsigned System Integrity Policy</Option>
- </Rule>
- <Rule>
- <Option>Enabled:Advanced Boot Options Menu</Option>
- </Rule>
- <Rule>
- <Option>Enabled:UMCI</Option>
- </Rule>
- <Rule>
- <Option>Enabled:Inherit Default Policy</Option>
- </Rule>
- <Rule>
- <Option>Enabled:Update Policy No Reboot</Option>
- </Rule>
- <Rule>
- <Option>Enabled:Dynamic Code Security</Option>
- </Rule>
- <Rule>
- <Option>Enabled:Revoked Expired As Unsigned</Option>
- </Rule>
- <Rule>
- <Option>Enabled:Allow Supplemental Policies</Option>
- </Rule>
- <Rule>
- <Option>Required:Enforce Store Applications</Option>
- </Rule>
- <Rule>
- <Option>Enabled:Managed Installer</Option>
- </Rule>
- <Rule>
- <Option>Disabled:Runtime FilePath Rule Protection</Option>
- </Rule>
- </Rules>
- <EKUs>
- <EKU ID="ID_EKU_WINDOWS" Value="010A2B0601040182370A0306" FriendlyName="" />
- <EKU ID="ID_EKU_ELAM" Value="010A2B0601040182373D0401" FriendlyName="" />
- <EKU ID="ID_EKU_HAL_EXT" Value="010A2B0601040182373D0501" FriendlyName="" />
- <EKU ID="ID_EKU_WHQL" Value="010A2B0601040182370A0305" FriendlyName="" />
- <EKU ID="ID_EKU_STORE" Value="010A2B0601040182374C0301" FriendlyName="Windows Store EKU - 1.3.6.1.4.1.311.76.3.1 Windows Store" />
- <EKU ID="ID_EKU_RT_EXT" Value="010A2B0601040182370A0315" FriendlyName="" />
- <EKU ID="ID_EKU_DCODEGEN" Value="010A2B0601040182374C0501" FriendlyName="Dynamic Code Generation EKU - 1.3.6.1.4.1.311.76.5.1" />
- <EKU ID="ID_EKU_AM" Value="010A2B0601040182374C0B01" FriendlyName="AntiMalware EKU -1.3.6.1.4.1.311.76.11.1 " />
- </EKUs>
- <FileRules>
- <FileAttrib ID="ID_FILEATTRIB_REFRESH_POLICY_1_1" FriendlyName="RefreshPolicy.exe FileAttribute" FileName="RefreshPolicy.exe" MinimumFileVersion="10.0.19042.0" />
- <Allow ID="ID_ALLOW_PATH_0_0_1_3_0" FriendlyName="Allow by path: %OSDRIVE%\IT" FilePath="%OSDRIVE%\IT" />
- <Allow ID="ID_ALLOW_PATH_1_0_1_4_0" FriendlyName="Allow by path: %OSDRIVE%\Users\*\AppData\Local\tana\*" FilePath="%OSDRIVE%\Users\*\AppData\Local\tana\*" />
- <Allow ID="ID_ALLOW_PATH_2_0_1_5_0" FriendlyName="Allow by path: %OSDRIVE%\Users\*\AppData\Local\Programs\Vimcal\*" FilePath="%OSDRIVE%\Users\*\AppData\Local\Programs\Vimcal\*" />
- <Allow ID="ID_ALLOW_PATH_0_0_1_0_0" FriendlyName="Allow by path: %WINDIR%\*" FilePath="%WINDIR%\*" />
- <Allow ID="ID_ALLOW_PATH_1_0_1_0_0" FriendlyName="Allow by path: %OSDRIVE%\Program Files\*" FilePath="%OSDRIVE%\Program Files\*" />
- <Allow ID="ID_ALLOW_PATH_2_0_1_0_0" FriendlyName="Allow by path: %OSDRIVE%\Program Files (x86)\*" FilePath="%OSDRIVE%\Program Files (x86)\*" />
- </FileRules>
- <Signers>
- <Signer Name="Microsoft Product Root 2010 Windows EKU" ID="ID_SIGNER_WINDOWS_PRODUCTION_1_0">
- <CertRoot Type="Wellknown" Value="06" />
- <CertEKU ID="ID_EKU_WINDOWS" />
- </Signer>
- <Signer Name="Microsoft Product Root 2010 ELAM EKU" ID="ID_SIGNER_ELAM_PRODUCTION_1_1_0_0">
- <CertRoot Type="Wellknown" Value="06" />
- <CertEKU ID="ID_EKU_ELAM" />
- </Signer>
- <Signer Name="Microsoft Product Root 2010 HAL EKU" ID="ID_SIGNER_HAL_PRODUCTION_1_2_0_0">
- <CertRoot Type="Wellknown" Value="06" />
- <CertEKU ID="ID_EKU_HAL_EXT" />
- </Signer>
- <Signer Name="Microsoft Product Root 2010 WHQL EKU" ID="ID_SIGNER_WHQL_SHA2_1_3_0_0">
- <CertRoot Type="Wellknown" Value="06" />
- <CertEKU ID="ID_EKU_WHQL" />
- </Signer>
- <Signer Name="Microsoft Product Root WHQL EKU SHA1" ID="ID_SIGNER_WHQL_SHA1_1_4_0_0">
- <CertRoot Type="Wellknown" Value="05" />
- <CertEKU ID="ID_EKU_WHQL" />
- </Signer>
- <Signer Name="Microsoft Product Root WHQL EKU MD5" ID="ID_SIGNER_WHQL_MD5_1_5_0_0">
- <CertRoot Type="Wellknown" Value="04" />
- <CertEKU ID="ID_EKU_WHQL" />
- </Signer>
- <Signer Name="Microsoft Flighting Root 2014 Windows EKU" ID="ID_SIGNER_WINDOWS_FLIGHT_ROOT_1_6_0_0">
- <CertRoot Type="Wellknown" Value="0E" />
- <CertEKU ID="ID_EKU_WINDOWS" />
- </Signer>
- <Signer Name="Microsoft Flighting Root 2014 ELAM EKU" ID="ID_SIGNER_ELAM_FLIGHT_1_7_0_0">
- <CertRoot Type="Wellknown" Value="0E" />
- <CertEKU ID="ID_EKU_ELAM" />
- </Signer>
- <Signer Name="Microsoft Flighting Root 2014 HAL EKU" ID="ID_SIGNER_HAL_FLIGHT_1_8_0_0">
- <CertRoot Type="Wellknown" Value="0E" />
- <CertEKU ID="ID_EKU_HAL_EXT" />
- </Signer>
- <Signer Name="Microsoft Flighting Root 2014 WHQL EKU" ID="ID_SIGNER_WHQL_FLIGHT_SHA2_1_9_0_0">
- <CertRoot Type="Wellknown" Value="0E" />
- <CertEKU ID="ID_EKU_WHQL" />
- </Signer>
- <Signer Name="MincryptKnownRootMicrosoftTestRoot2010" ID="ID_SIGNER_TEST2010_1_10_0_0">
- <CertRoot Type="Wellknown" Value="0A" />
- </Signer>
- <Signer Name="Microsoft Product Root 2010 Windows EKU" ID="ID_SIGNER_WINDOWS_PRODUCTION_USER_1_11_0_0">
- <CertRoot Type="Wellknown" Value="06" />
- <CertEKU ID="ID_EKU_WINDOWS" />
- </Signer>
- <Signer Name="Microsoft Product Root 2010 ELAM EKU" ID="ID_SIGNER_ELAM_PRODUCTION_USER_1_12_0_0">
- <CertRoot Type="Wellknown" Value="06" />
- <CertEKU ID="ID_EKU_ELAM" />
- </Signer>
- <Signer Name="Microsoft Product Root 2010 HAL EKU" ID="ID_SIGNER_HAL_PRODUCTION_USER_1_13_0_0">
- <CertRoot Type="Wellknown" Value="06" />
- <CertEKU ID="ID_EKU_HAL_EXT" />
- </Signer>
- <Signer Name="Microsoft Product Root 2010 WHQL EKU" ID="ID_SIGNER_WHQL_SHA2_USER_1_14_0_0">
- <CertRoot Type="Wellknown" Value="06" />
- <CertEKU ID="ID_EKU_WHQL" />
- </Signer>
- <Signer Name="Microsoft Product Root WHQL EKU SHA1" ID="ID_SIGNER_WHQL_SHA1_USER_1_15_0_0">
- <CertRoot Type="Wellknown" Value="05" />
- <CertEKU ID="ID_EKU_WHQL" />
- </Signer>
- <Signer Name="Microsoft Product Root WHQL EKU MD5" ID="ID_SIGNER_WHQL_MD5_USER_1_16_0_0">
- <CertRoot Type="Wellknown" Value="04" />
- <CertEKU ID="ID_EKU_WHQL" />
- </Signer>
- <Signer Name="Microsoft Flighting Root 2014 Windows EKU" ID="ID_SIGNER_WINDOWS_FLIGHT_ROOT_USER_1_17_0_0">
- <CertRoot Type="Wellknown" Value="0E" />
- <CertEKU ID="ID_EKU_WINDOWS" />
- </Signer>
- <Signer Name="Microsoft Flighting Root 2014 ELAM EKU" ID="ID_SIGNER_ELAM_FLIGHT_USER_1_18_0_0">
- <CertRoot Type="Wellknown" Value="0E" />
- <CertEKU ID="ID_EKU_ELAM" />
- </Signer>
- <Signer Name="Microsoft Flighting Root 2014 HAL EKU" ID="ID_SIGNER_HAL_FLIGHT_USER_1_19_0_0">
- <CertRoot Type="Wellknown" Value="0E" />
- <CertEKU ID="ID_EKU_HAL_EXT" />
- </Signer>
- <Signer Name="Microsoft Flighting Root 2014 WHQL EKU" ID="ID_SIGNER_WHQL_FLIGHT_SHA2_USER_1_20_0_0">
- <CertRoot Type="Wellknown" Value="0E" />
- <CertEKU ID="ID_EKU_WHQL" />
- </Signer>
- <Signer Name="Microsoft MarketPlace PCA 2011" ID="ID_SIGNER_STORE_1_21_0_0">
- <CertRoot Type="TBS" Value="FC9EDE3DCCA09186B2D3BF9B738A2050CB1A554DA2DCADB55F3F72EE17721378" />
- <CertEKU ID="ID_EKU_STORE" />
- </Signer>
- <Signer Name="Microsoft Flighting Root 2014 Store EKU" ID="ID_SIGNER_STORE_FLIGHT_ROOT_1_22_0_0">
- <CertRoot Type="Wellknown" Value="0E" />
- <CertEKU ID="ID_EKU_STORE" />
- </Signer>
- <Signer Name="Microsoft Product Root 2010 RT EKU" ID="ID_SIGNER_RT_PRODUCTION_1_23_0_0">
- <CertRoot Type="Wellknown" Value="06" />
- <CertEKU ID="ID_EKU_RT_EXT" />
- </Signer>
- <Signer Name="MincryptKnownRootMicrosoftDMDRoot2005" ID="ID_SIGNER_DRM_1_24_0_0">
- <CertRoot Type="Wellknown" Value="0C" />
- </Signer>
- <Signer Name="MincryptKnownRootMicrosoftProductRoot2010" ID="ID_SIGNER_DCODEGEN_1_25_0_0">
- <CertRoot Type="Wellknown" Value="06" />
- <CertEKU ID="ID_EKU_DCODEGEN" />
- </Signer>
- <Signer Name="MincryptKnownRootMicrosoftStandardRoot2011" ID="ID_SIGNER_AM_1_26_0_0">
- <CertRoot Type="Wellknown" Value="07" />
- <CertEKU ID="ID_EKU_AM" />
- </Signer>
- <Signer Name="Microsoft Flighting Root 2014 RT EKU" ID="ID_SIGNER_RT_FLIGHT_1_27_0_0">
- <CertRoot Type="Wellknown" Value="0E" />
- <CertEKU ID="ID_EKU_RT_EXT" />
- </Signer>
- <Signer Name="Microsoft Standard Root 2011 RT EKU" ID="ID_SIGNER_RT_STANDARD_1_28_0_0">
- <CertRoot Type="Wellknown" Value="07" />
- <CertEKU ID="ID_EKU_RT_EXT" />
- </Signer>
- <Signer Name="Microsoft Code Signing PCA 2011" ID="ID_SIGNER_MICROSOFT_REFRESH_POLICY_1_29_0_0">
- <CertRoot Type="TBS" Value="F6F717A43AD9ABDDC8CEFDDE1C505462535E7D1307E630F9544A2D14FE8BF26E" />
- <CertPublisher Value="Microsoft Corporation" />
- <FileAttribRef RuleID="ID_FILEATTRIB_REFRESH_POLICY_1_1" />
- </Signer>
- <Signer Name="MincryptKnownRootMicrosoftTestRoot2010" ID="ID_SIGNER_TEST2010_USER_1_30_0_0">
- <CertRoot Type="Wellknown" Value="0A" />
- </Signer>
- </Signers>
- <SigningScenarios>
- <SigningScenario ID="ID_SIGNINGSCENARIO_DRIVERS_1" FriendlyName="Auto generated policy on 03-17-2024" Value="131">
- <ProductSigners>
- <AllowedSigners>
- <AllowedSigner SignerId="ID_SIGNER_WINDOWS_PRODUCTION_1_0" />
- <AllowedSigner SignerId="ID_SIGNER_ELAM_PRODUCTION_1_1_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_HAL_PRODUCTION_1_2_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_WHQL_SHA2_1_3_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_WHQL_SHA1_1_4_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_WHQL_MD5_1_5_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_WINDOWS_FLIGHT_ROOT_1_6_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_ELAM_FLIGHT_1_7_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_HAL_FLIGHT_1_8_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_WHQL_FLIGHT_SHA2_1_9_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_TEST2010_1_10_0_0" />
- </AllowedSigners>
- </ProductSigners>
- </SigningScenario>
- <SigningScenario ID="ID_SIGNINGSCENARIO_WINDOWS" FriendlyName="Auto generated policy on 03-17-2024" Value="12">
- <ProductSigners>
- <AllowedSigners>
- <AllowedSigner SignerId="ID_SIGNER_WINDOWS_PRODUCTION_USER_1_11_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_ELAM_PRODUCTION_USER_1_12_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_HAL_PRODUCTION_USER_1_13_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_WHQL_SHA2_USER_1_14_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_WHQL_SHA1_USER_1_15_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_WHQL_MD5_USER_1_16_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_WINDOWS_FLIGHT_ROOT_USER_1_17_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_ELAM_FLIGHT_USER_1_18_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_HAL_FLIGHT_USER_1_19_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_WHQL_FLIGHT_SHA2_USER_1_20_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_STORE_1_21_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_STORE_FLIGHT_ROOT_1_22_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_RT_PRODUCTION_1_23_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_DRM_1_24_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_DCODEGEN_1_25_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_AM_1_26_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_RT_FLIGHT_1_27_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_RT_STANDARD_1_28_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_MICROSOFT_REFRESH_POLICY_1_29_0_0" />
- <AllowedSigner SignerId="ID_SIGNER_TEST2010_USER_1_30_0_0" />
- </AllowedSigners>
- <FileRulesRef>
- <FileRuleRef RuleID="ID_ALLOW_PATH_0_0_1_3_0" />
- <FileRuleRef RuleID="ID_ALLOW_PATH_1_0_1_4_0" />
- <FileRuleRef RuleID="ID_ALLOW_PATH_2_0_1_5_0" />
- <FileRuleRef RuleID="ID_ALLOW_PATH_0_0_1_0_0" />
- <FileRuleRef RuleID="ID_ALLOW_PATH_1_0_1_0_0" />
- <FileRuleRef RuleID="ID_ALLOW_PATH_2_0_1_0_0" />
- </FileRulesRef>
- </ProductSigners>
- </SigningScenario>
- </SigningScenarios>
- <UpdatePolicySigners />
- <CiSigners>
- <CiSigner SignerId="ID_SIGNER_STORE_1_21_0_0" />
- <CiSigner SignerId="ID_SIGNER_MICROSOFT_REFRESH_POLICY_1_29_0_0" />
- </CiSigners>
- <HvciOptions>0</HvciOptions>
- <Settings>
- <Setting Provider="PolicyInfo" Key="Information" ValueName="Name">
- <Value>
- <String>ExcelaPolicy</String>
- </Value>
- </Setting>
- <Setting Provider="PolicyInfo" Key="Information" ValueName="Id">
- <Value>
- <String>2024-03-16</String>
- </Value>
- </Setting>
- </Settings>
- </SiPolicy>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement