- 09-Setup-CMM.ps1: Step 2.5 ACL list targeted C:\Program Files\DODA (a path
that never exists), so the BUILTIN\Users write grant on DODA was silently
skipped. Corrected to C:\Apps\DODA, where Install-DODA.ps1 actually extracts.
- Install-DODA.ps1: create C:\Apps\DODA\PreProcess after extract. The DODA
zip unpacks flat without it; MergeFiles.exe expects it and crashed with
DirectoryNotFoundException (MergeFiles.GetDoDAFolder) when absent.
- docs/cyberark-cmm-doda-policy.md: EPM admin reference for elevating the CMM
report toolchain. CyberArk EPM elevation is per-process and not inherited, so
the external tools PC-DMIS spawns (MergeFiles/PCDToIGES/RotateProbeVector/
DovetailAnalysis) run un-elevated and fail. Doc gives the Application Group
(by SHA-256), the Elevate policy, scope, verify steps, and the
CREATE_PDF_FROM_RTF.BAS rework that drops Word/Reader from the elevation set.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
