How to configure Applocker policies to restrict everything except a single application on RDSH, without breaking windows?
i've been searching examples of how best use applocker policies lock down 2008r2 remote desktop host. for host in question, want users able access single application. i block access other executables, setup files, etc, without breaking in windows. (it wouldn't if user couldn't log in because explorer wouldn't load or such)
i should think isn't uncommon goal, can't seem find example of policy structure used in such situation. does know of example locking down without preventing users accessing server , launching 1 exe?
hi,
q: can block applications except software publisher?a: yes. can creating publisher condition rule allows files run signed specific software publisher. in cases binaries created dynamically, create path rule condition.
sorry misunderstanding, found similar thread here:
using applocker prevent applications except specific ones
please go through it.
hope helps.
regards,
yan li
if are technet subscription user , have feedback on our support quality, please send feedback here.
yan li
technet community support
Windows Server > Security
Comments
Post a Comment