Troubleshooting
This topic lists out troubleshooting reference for the readers of Application Control 2.0.
Troubleshooting reference for tasks 201–209 with standardized exit codes. Exit code 0 indicates success; non-zero codes pinpoint specific failure stages to aid rapid diagnosis.
Application Control 2.0 Tasks and Exit Codes
- Task 201-Create and Setup Self-Signed Certificate on Endpoint v2.0
-
Table 1. Task 201 and its exit codes Exit Code Description 0 Success. 10 BAC directory creation failure. 11 Certificate directory creation failure. 12 Log directory creation failure. 20 Certificate creation failure. 30 Certificate export failure. - Task 202-Deploy Custom Base Policy v2.0
-
Table 2. Task 202 and its exit codes Exit Code Description 0 Success. The custom WDAC base policy was successfully processed, signed, and deployed.
10 Working Directory Creation Failed. The BAC working directory could not be created or accessed.
11 Log Directory Creation Failed. The logging directory could not be created, preventing execution tracking.
12 Policy Directory Creation Failed. The policy storage directory could not be initialized.
30 Policy Processing Failure. Error occurred during XML processing, version bumping, or rule injection.
40 Binary Conversion Failure. Failed to convert the WDAC policy from XML format to binary (.cip).
50 Signing Failure. The policy signing process failed or generated an invalid signature.
60 Deployment Failure. Failed to mount the EFI partition or copy the policy to the target location.
70 Policy Refresh Failure. The policy refresh process or EFI dismount failed.
- Task 203-Deploy Supplemental Policy on Endpoint v2.0
-
Table 3. Task 203 and its exit codes Exit Code Description 0 Success. 20 Missing Base Policy GUID. 30 No valid rules generated. 40 Signing failure or invalid signed output. - Task 204-Deploy Default Microsoft Base Policy v2.0
-
Table 4. Task 204 and its exit codes Exit Code Description 0 Success. The WDAC base policy was successfully processed, signed, and deployed.
10 Working Directory Creation Failed. The BAC working directory could not be created or accessed.
11 Log Directory Creation Failed. The logging directory could not be created, preventing execution tracking.
12 Policy Directory Creation Failed. The policy storage directory could not be initialized.
20 Template Missing. The selected WDAC policy template file was not found or failed to download.
30 Policy Processing Failure. An error occurred during policy preparation, versioning, or rule configuration.
40 Binary Conversion Failure. Failed to convert the WDAC policy from XML format to binary (.cip).
50 Signing Failure. The policy signing process failed or the signed output was not generated correctly.
60 Deployment Failure. Failed to mount the EFI partition or copy the policy to the target location.
70 Policy Refresh Failure. The policy refresh process failed after deployment. A reboot may be required.
- Task 205-Enforce Secure ACL on BAC Folder on Endpoint v2.0
-
Table 5. Task 205 and its exit codes Exit Code Description 0 Success. 10 BAC directory not found. 20 Failed to apply ACL permissions. 30 Failed to set ownership. - Task 206-Generate Blocked WDAC Event Logs on Endpoint v2.0
-
Table 6. Task 206 and its exit codes Exit Code Description 0 Success. 10 Invalid time frame. 20 BAC path not found. 30 Event query failure. 40 No events found. 50 Report generation failure. - Task 207-Refresh Self-Signed Certificate and Update Deployed Policies Signers on Endpoint v2.0
-
Table 7. Task 207 and its exit codes Exit Code Description 0 Success. 10 Directory setup failure. 20 Certificate creation or export failure. 30 XML processing or version bump failure. 40 Binary conversion failure. 50 Sign tool signing failure. 60 EFI mount or deployment failure. 70 Policy refresh tool failure. - Task 208-Refresh Thumbprint of Deployed Policies on Endpoint v2.0
-
Table 8. Task 208 and its exit codes Exit Code Description 0 Success. 10 Directory setup failure. 20 Certificate creation or export failure. 30 XML processing or version bump failure. 40 Binary conversion failure. 50 Sign tool signing failure. 60 EFI mount or deployment failure. 70 Policy refresh tool failure. 80 Thumbprint rotation failure. - Task 209-Remove (Base/Supplemental) Policy from Endpoint v2.0
-
Table 9. Task 209 and its exit codes Exit Code Description 0 Success. 10 Invalid input parameters. 20 BAC path not found. 30 EFI mount failure. 40 Policy removal failure. 50 AllowAll.xml not found. 60 AllowAll deployment failure.