Page tree

Welcome to FreeSoftwareServers Confluence Wiki

Skip to end of metadata
Go to start of metadata

To Block one Specific App you must first create an "Allow All" rule (and Allow All based upon Publisher) which by default denies all App's not specified inside rule.

You must then Create and Exception to the "Allow All" for the App you want to Block.

Pre-Req: App Locker Requires two things to be configured before it "works".

  1. Right click AppLocker in Group Policy Editor and Enfore Rules.

AppLocker prop

AppLocker-Properties-Enforce

 2. Start Auditing Service and set to AutoStart. Search >> Services.msc >> Right Click Application Identity >> Properties >> Startup Type >> Automatic.

Services-Search

 Enable-Service-MSC-Properties

Enable-Service-MSC-AutoStartup

 AppLocker is now Configured to Run @ Boot!

---------------------------------------------

Now to Configure "Allow All" rule w/ Expception for program to Block

Open Group Policy Editor expand down to Packaged App Rules >> Right Click >> Create New Rule

GroupPolicy-CreateNew

 Now Select Allow >> Everyone >> Next >>

Allow-Everyone_Start

Now Select "Use an Installed Package App as Reference" Select Any App (Except Skype) [Notice they all have same publisher!] >> Move the Slider to block by Publisher.

SamePublisher

BlockbyPublisher

Now you Need to add an Exception for the App you wan to BLOCK. Click next >> "Use an Installed Package App as Reference" >> Select the App >> Move the Slider to "enforce" by Package Name. >> Create Rule.

Allow-AppException

The Final Rule should look like this!

Final Rules

 

 

Test & profit.

  • No labels