Disable-WdacBidTrace

아티클
11/16/2015

Disable-WdacBidTrace

Disables Built-in Diagnostics Tracing (BidTrace) for troubleshooting WDAC components.

Syntax

Parameter Set: InputObject
Disable-WdacBidTrace [-InputObject] <CimInstance> [-AsJob] [-CimSession <CimSession> ] [-PassThru] [-ThrottleLimit <Int32> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: AllApp
Disable-WdacBidTrace -IncludeAllApplications [-AsJob] [-CimSession <CimSession> ] [-PassThru] [-Platform <String> ] [-ThrottleLimit <Int32> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: Folder
Disable-WdacBidTrace -Folder <String> [-AsJob] [-CimSession <CimSession> ] [-PassThru] [-Platform <String> ] [-ThrottleLimit <Int32> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Parameter Set: Path
Disable-WdacBidTrace [-Path] <String> [-AsJob] [-CimSession <CimSession> ] [-PassThru] [-Platform <String> ] [-ProcessId <UInt32> ] [-ThrottleLimit <Int32> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Detailed Description

For more information about data access tracing (Bidtrace), see Data Access Tracing (Windows 8).

Parameters

-InputObject<CimInstance>

Disable the BidTrace represented by the specified BidTrace setting objects. Enter a variable that contains the objects, or type a command or expression that gets the objects.

Aliases	none
Required?	true
Position?	1
Default Value	none
Accept Pipeline Input?	true (ByValue)
Accept Wildcard Characters?	false

-Path<String>

Disable BidTrace for this application full path.

Aliases	none
Required?	true
Position?	1
Default Value	none
Accept Pipeline Input?	true (ByPropertyName)
Accept Wildcard Characters?	false

-ProcessId<UInt32>

Disable BidTrace only for this process ID.

Aliases	none
Required?	false
Position?	named
Default Value	none
Accept Pipeline Input?	true (ByPropertyName)
Accept Wildcard Characters?	false

-Folder<String>

Disable BidTrace for all applications under this folder.

Aliases	none
Required?	true
Position?	named
Default Value	none
Accept Pipeline Input?	true (ByPropertyName)
Accept Wildcard Characters?	false

-IncludeAllApplications

Disable BidTrace for all applications.

Aliases	none
Required?	true
Position?	named
Default Value	none
Accept Pipeline Input?	true (ByPropertyName)
Accept Wildcard Characters?	false

-Platform<String>

The platform architecture of the WDAC BidTrace setting. Possible values are '32-bit', '64-bit' or 'All'. The default is '32-bit' on a 32-bit process and '64-bit' on a 64-bit process. This is the platform architecture on the remote machine if this command is executed on a remote CIM session.

Aliases	none
Required?	false
Position?	named
Default Value	none
Accept Pipeline Input?	true (ByPropertyName)
Accept Wildcard Characters?	false

-PassThru

Passes the object created by this cmdlet through the pipeline. By default, this cmdlet does not pass any objects through the pipeline.

Aliases	none
Required?	false
Position?	named
Default Value	none
Accept Pipeline Input?	false
Accept Wildcard Characters?	false

-AsJob

Aliases	none
Required?	false
Position?	named
Default Value	none
Accept Pipeline Input?	false
Accept Wildcard Characters?	false

-CimSession<CimSession>

Runs the cmdlet in a remote session or on a remote computer. Enter a computer name or a session object, such as the output of a New-CimSession or Get-CimSession cmdlet. The default is the current session on the local computer.

Aliases	none
Required?	false
Position?	named
Default Value	none
Accept Pipeline Input?	false
Accept Wildcard Characters?	false

-ThrottleLimit<Int32>

Specifies the maximum number of concurrent operations that can be established to run the cmdlet. If this parameter is omitted or a value of 0 is entered, then Windows PowerShell® calculates an optimum throttle limit for the cmdlet based on the number of CIM cmdlets that are running on the computer. The throttle limit applies only to the current cmdlet, not to the session or to the computer.

Aliases	none
Required?	false
Position?	named
Default Value	none
Accept Pipeline Input?	false
Accept Wildcard Characters?	false

-Confirm

Prompts you for confirmation before running the cmdlet.

Required?	false
Position?	named
Default Value	false
Accept Pipeline Input?	false
Accept Wildcard Characters?	false

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Required?	false
Position?	named
Default Value	false
Accept Pipeline Input?	false
Accept Wildcard Characters?	false

<CommonParameters>

This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

Outputs

The output type is the type of the objects that the cmdlet emits.

Microsoft.Management.Infrastructure.CimInstance#MSFT_WdacBidTrace[]

Examples

This command disables the BidTrace for the application "C:\temp\abc.exe" on the 32-bit platform:

PS C:\> Disable-WdacBidTrace -Path "C:\temp\abc.exe" -Platform 32-bit

This command disables the BidTrace for the application "C:\temp\abc.exe" on the 32-bit platform and disables BidTrace for a particular instance of "abc.exe" (with Process ID = 1234):

PS C:\> Disable-WdacBidTrace -Path "C:\temp\abc.exe" -ProcessId 1234 -Platform 32-bit

This command disables the BidTrace for all applications located inside C:\temp on the native platform:

PS C:\> Disable-WdacBidTrace -Folder "C:\temp"

This command disables the BidTrace for all 64-bit applications:

PS C:\> Disable-WdacBidTrace -IncludeAllApplications -Platform 64-bit

This command first enables the WDAC BidTrace for the 64-bit application "C:\temp\abc.exe". It also saves the result into a PowerShell variable that can be reused in Disable-WdacBidTrace:

PS C:\> $bidSetting = Enable-WdacBidTrace -Path "C:\temp\abc.exe" -Platform 64-bit -PassThru
<use C:\temp\abc.exe>
Disable-WdacBidTrace $bidSetting

Enable-WdacBidTrace

Get-WdacBidTrace

N:Wdac

Disable-WdacBidTrace