Get AppLocker File Info (for .EXEs) : Get-AppLockerFileInformation -Directory 'C:\Program Files' –recurse -FileType exe Create AppLocker Policy XML rule set: (Get-AppLockerFileInformation… line above) |

Download Report

Transcript Get AppLocker File Info (for .EXEs) : Get-AppLockerFileInformation -Directory 'C:\Program Files' –recurse -FileType exe Create AppLocker Policy XML rule set: (Get-AppLockerFileInformation… line above) | 

Get AppLocker File Info (for .EXEs) :
Get-AppLockerFileInformation -Directory 'C:\Program Files' –recurse -FileType
exe
Create AppLocker Policy XML rule set:
(Get-AppLockerFileInformation… line above) | New-AppLockerPolicy -ruletype
publisher, hash -user everyone -XML
Create a new Applocker Local GPO with that rule set:
Get-AppLockerFileInformation -Directory 'C:\Program Files' -recurse
-FileType exe | New-AppLockerPolicy -ruletype publisher, hash -user everyone
| Set-AppLockerPolicy –merge
Create a new GPO AppLocker Policy:
Get-AppLockerFileInformation -Directory 'C:\Program Files' –recurse
-FileType exe | New-AppLockerPolicy -ruletype publisher, hash -user
everyone | Set-AppLockerPolicy -LDAP "LDAP://DC.fabrikam.com/CN={4391FF66197D-4BBE-B83E-4B536A09B543},CN=Policies,CN=System,DC=Fabrikam,DC=com"
Dump a domain-based GPO’s AppLocker rules:
Get-AppLockerPolicy -Domain -LDAP "LDAP://DC.fabrikam.com/CN={4391FF66197D-4BBE-B83E-4B536A09B543},CN=Policies,CN=System,DC=Fabrikam,DC=com“ –XML
> output.xml
The applications for which a user is blocked:
Step 1: Get-AppLockerPolicy -EFFECTIVE -Xml > output2.xml
Step 2: Get-ChildItem -Path "C:\Program Files" -Recurse -Filter *.exe |
Convert-Path | Test-AppLockerPolicy -XMLPolicy .\output2.xml
http://technet.microsoft.com/en-us/library/dd723678(WS.10).aspx
http://tinyurl.com/AppLocker1
http://csi-windows.com/blog/videos
What is the Springboard Series?
Inside of Microsoft we are
To the IT pro, our goal is
• A turnkey IT pro engagement platform for depth and breadth
• The program to mobilize MS marketing and field to
focus on desktop OS IT pros
• Be the definitive resource for Desktop IT pros
• Open, honest; show don’t tell
• Information at right time, right level across Adoption Lifecycle
Virtual Roundtable Events
Straight-talk Monthly Feature
Articles and Overview Guides
Springboard Technical Experts
Panel Event Support
and Resources
TalkingAboutWindows
Video Blogs
one-Windows
TechCenter in 10 languages
www.microsoft.com/teched
www.microsoft.com/learning
http://microsoft.com/technet
http://microsoft.com/msdn
Sign up for Tech·Ed 2011 and save $500
starting June 8 – June 31st
http://northamerica.msteched.com/registration
You can also register at the
North America 2011 kiosk located at registration
Join us in Atlanta next year