Policy

Configure Security Policy for Scripted Diagnostics

This policy setting determines whether scripted diagnostics will execute diagnostic packages that are signed by untrusted publishers. If you enable this policy setting, the scripted diagnostics execution engine validates the signer of any diagnostic package and runs only those signed by trusted publishers. If you disable or do not configure this policy setting, the scripted diagnostics execution engine runs all digitally signed packages.

Policy
PackMicrosoft Windows
CategorySystem / Troubleshooting and Diagnostics / Scripted Diagnostics
Policy IDb5291ae4d7b6
Internal nameScriptedDiagnosticsSecurityPolicy

Registry

Copy registry mappings

HKLM\SOFTWARE\Policies\Microsoft\Windows\ScriptedDiagnostics\ValidateTrust (enabled) = 1
HKLM\SOFTWARE\Policies\Microsoft\Windows\ScriptedDiagnostics\ValidateTrust (disabled) = 0

Policy notes

This policy setting determines whether scripted diagnostics will execute diagnostic packages that are signed by untrusted publishers. If you enable this policy setting, the scripted diagnostics execution engine validates the signer of any diagnostic package and runs only those signed by trusted publishers. If you disable or do not configure this policy setting, the scripted diagnostics execution engine runs all digitally signed packages.

Related policies