Script to set exception to policy


Please download, extract, and import this CW Automate script.

https://license.third-wall.com/dl/tools/TW-SetExceptionToPolicy.zip


The instructions PDF from ConnectWise Automate for Exporting and Importing scripts is attached at the bottom of this KB.


Once you have imported the script locate the TW - Set Exception to Policy script, it should be in the Actions folder.



Open the script and click the Globals and Parameters tab.

Change the TWPolicyIndex to the numerical value of the policy you wish to except. In this example 29 is the Block Social Media policy. There is a list of policies and IDs at the bottom of this article.


Click Save to update the policy value then save the script by clicking "Save" at the bottom right.

You can now run this script on a client, location, or specific computer.


List of policies and numerical value

2    Rename Local Administrator Account

3    Set Local Administrator Password

4    Disable Local Administrator Account

5    Enable Minimum Password Length

6    Enable Maximum Password Age

7    Enable Password Protected Screen Saver

8    Restrict Local Administrator Tools

9    Enable UAC

10    Disable Setup.exe and Install.exe

11    Disable Windows Installer

12    Disable Windows 10 Keylogger

13    Enable Logon Message

15    Enable Smart Screen

16    Enable UPnP

17    Disable AutoPlay (AutoRun)

18    Disable Running Exe from %APPDATA%

19    Disable Write to Optical Devices

20    Disable Read & Write to Optical Devices

21    Disable Write to USB Storage Devices

22    Disable Read & Write to USB Storage Devices

23    Disable Cloud Storage

24    Schedule Free Space Delete

26    Uninstall Blacklisted Software

27    Enforce Complex Passwords

28    Block Common Webmail

29    Block Social Media

30    Disable Windows Store

31    Disable Google Play

32    Disable Apple App Store

33    Disable Office Macros Downloaded from the Internet

34    Disable OLE in OFfice Documents

35    Enable Windows Firewall = Workstations

36    Enable Windows Firewall = Servers

37    Disable Local LM Hash Storage

38    Audit All NTLM Traffic

39    Disable LM NTLM v1

40    Disable NetBios

41    Disable IPv6

42    Disable IGMP

43    Disable SMB v1

44    Log All Logon Events

45    Enhance Security Logging

46    Monitor Event Log Clearing

47    Alert on Excessive Logon Failures

48    Monitor for Ransomware Attack

49    Alert on Unencrypted Disk

50    Enable User Logon Reporting

51    Disable Guest Account

52    Disable Microsoft Accounts

53    Enable USB Wall

54    Disable Terminal Server Services

55    Enable USB Watch

56    Enable TWAPS

57    Clear Windows Pagefile on Reboot

58    Enable Registry Backup