AppLocker rules are applied but don't work.
hello.
i've enable applocker policy via local security policy editor on 1 server rds role.
when saw rules applied , restrictions work removed local rules , make gpo contains equal rules. included option autostart of appmgmt service.
then applied gpo drs farm , first (test) server well. restrictions work on first server.
however, when invoke
'get-applockerpolicy -effective'
i have same results servers. , more, when try check more specific can see rules applied servers. example:
'get-applockerpolicy -effective | test-applockerpolicy -user general\verst -path '\\file-srv\redirected\desktop\verst\Рабочий стол\*.exe' | format-list'
returns
filepath : \\file-srv\redirected\desktop\verst\Рабочий стол\putty.exepolicydecision : denied
matchingrule : desktop - deny - test
but users aren't able run application on first mentioned server.
what did wrong?
hi,
what applocker event log say?
application , services->microsoft->windows->applocker-> exe , dll
/\
best regards,
jesper vindum, denmark
systems administrator
help forum: monitor(alert) threads , vote helpful replies or mark them answer, if helps solving problem.
Windows Server > Windows Server 2012 General
Comments
Post a Comment