AppLocker policy "like"
hey,
i setting applocker policies sysinternals.
because of clearity great, if not have define special rule every sysinternals tool itself.
know can specific settings publisher, product name, file name & file version anything.
possible product name starts "sysinternals" ?
tried - unfortunately without success:
thanks :)
> possible product name starts "sysinternals" ?
unfortunately: no. * in these fields not real wildcard,
basically hint "ignore property".
what can instead: leverage get-applockerfileinformation ,
new-applockerpolicy create set of cert rules given set of
files @ once... lets assume source directory
create rules c:\sysinternals:
get-applockerfileinformation c:\sysinternals\*.exe | new-applockerpolicy
-ruletype publisher -rulenameprefix "sysinternals-" -user
-ignoremissingfileinformation -optimize | set-applockerpolicy -ldap "dn
of destination gpo" -merge
(all 1 line...)
Windows Server > Group Policy
Comments
Post a Comment