AppLocker rules are applied but don't work.

FluffyBeaver

Hello.

I've enabled an AppLocker policy via the Local Security Policy Editor on one server with an RDS role.

When I saw that the rules were applied and the restrictions worked, I removed all local rules and made a GPO which contains the same rules. I also included an option for autostart of the AppMgmt service.

Then I applied this GPO to the RDS farm and to the first (test) server as well. But the restrictions work only on the first server.

However, when I invoke

'Get-AppLockerPolicy -Effective'

I get the same results for all servers. And what is more, when I try to check something more specific, I can see that the rules are applied to all servers. For example:

'Get-AppLockerPolicy -Effective | Test-AppLockerPolicy -User GENERAL\verst -Path '\\file-srv\redirected\Desktop\Verst\Рабочий стол\*.exe' | Format-List'

returns

FilePath : \\file-srv\redirected\Desktop\Verst\Рабочий стол\putty.exe
PolicyDecision : Denied
MatchingRule : Desktop - Deny - test

But users aren't able to run this application only on the first mentioned server.

What did I do wrong?
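
The following is an added example, not part of the original post. Test-AppLockerPolicy evaluates a path against the policy but does not show whether a server is actually enforcing it, so this sketch collects the enforcement side from each server: the enforcement mode per rule collection, the state of the Application Identity service (AppIDSvc) that AppLocker enforcement depends on, and recent block/audit events. The server names are placeholders, and PowerShell remoting to the servers is assumed.

```powershell
# Added example: compare AppLocker enforcement state across servers.
# Server names are placeholders (assumption); replace with the RDS farm hosts.
$servers = 'RDS-TEST-01', 'RDS-FARM-02'

$report = Invoke-Command -ComputerName $servers -ScriptBlock {
    Import-Module AppLocker

    # What the merged (local + GPO) policy says for each rule collection:
    # NotConfigured, AuditOnly or Enabled.
    $policy = Get-AppLockerPolicy -Effective
    $modes = $policy.RuleCollections | ForEach-Object {
        '{0}={1}' -f $_.RuleCollectionType, $_.EnforcementMode
    }

    # Rules are only enforced while the Application Identity service runs.
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='AppIDSvc'"

    # 8004 = file was blocked, 8003 = would have been blocked (audit only).
    # An empty log on a server with an "Enabled" policy suggests that
    # nothing is being evaluated there at all.
    $events = Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-AppLocker/EXE and DLL'
        Id      = 8003, 8004
    } -MaxEvents 20 -ErrorAction SilentlyContinue

    [pscustomobject]@{
        AppIDSvcState    = $svc.State
        AppIDSvcStart    = $svc.StartMode
        Blocked8004      = @($events | Where-Object Id -eq 8004).Count
        AuditOnly8003    = @($events | Where-Object Id -eq 8003).Count
        EnforcementModes = $modes -join '; '
    }
}

# One row per server, so differences between the working and
# non-working hosts stand out.
$report | Sort-Object PSComputerName |
    Format-Table PSComputerName, AppIDSvcState, AppIDSvcStart,
                 Blocked8004, AuditOnly8003, EnforcementModes -AutoSize
```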
