Cannot get AppLocker to work
I cannot get AppLocker to work. This is not on an isolated PC either. I just upgraded a group of PC to Windows 7 and wanted to lock them down with AppLocker. I created the default rules in each of the rule categories. I changed the everyone group
to the User group where the Everyone group appeared (as the Users group is the group I wish to restrict). I checked off Configured and ensured that Enforce rules was in the drop down window of each rule catagory in the AppLocker properties.
I then set Application Identity service to automatic and started it. I then ran gpupdate /force and finally rebooted the machine. I logged in as a user that is in the Users group, copied an setup.exe (Firefox's latest install) to the desktop and ran it
no problem. As I understand it, this should not be the case. Am I missing some step? Any suggestions? These PC's are not part of a domain and they're running Windows 7 Pro (64bit).
February 8th, 2011 1:59pm
You can use this AppLocker trouble shooting guide
http://technet.microsoft.com/en-us/library/ee791895(WS.10).aspx
You can also check for AppLocker events in the AppLocker eventlog
http://technet.microsoft.com/en-us/library/ee791749(WS.10).aspx
Ray - Author of Windows 7 for XP Professionals
Free Windows Admin Tool Kit Click here and download it now
February 8th, 2011 4:19pm
I checked the event log, discovered a warning there and googled it's meaning. Turns out that AppLocker doesnt work on Windows 7 Pro or Windows 7 Premium, which is completely insane. Thanks for the eventlog suggestion.
February 8th, 2011 4:46pm
You can use this AppLocker trouble shooting guide
http://technet.microsoft.com/en-us/library/ee791895(WS.10).aspx
You can also check for AppLocker events in the AppLocker eventlog
http://technet.microsoft.com/en-us/library/ee791749(WS.10).aspx
Ray - Author of Windows 7 for XP Professionals
Free Windows Admin Tool Kit Click here and download it now
February 9th, 2011 12:15am