Windows enables Smart App Control Audit mode for the first 48 hours. This has been causing unpredictable results with App Control for Business. To fix it, it needs to be disabled in the unattend file in Specialize.
<settings pass="specialize">
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>cmd /c reg add "HKLM\SYSTEM\CurrentControlSet\Control\CI\Policy" /v VerifiedAndReputablePolicyState /t REG_DWORD /d 0 /f</Path>
<Description>Disable Smart App Control before OOBE</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>
</settings>
Leave a Reply