I'm working with two computers with the exact same hardware and version of Windows--for simplicity let's call them computer A and computer B. I've created an AppLocker policy in the Local Security Policy editor on computer A and all the rules were working as expected, so I exported the policy, added it to a USB, and migrated it to computer B. When I import the policy into the Local Security Policy editor AppLocker location, I see that the same number of rules come across as I had on computer A (great!). However, it does not seem like the enforcement is the same on both systems. Computer B is only getting partial enforcement. The big examples are explorer.exe and MS Edge. On computer A, both of these features are correctly blocked, but on computer B they both work. I was under the assumption that AppLocker takes a whitelist approach, and there are no explicit allow rules for MS Edge or explorer.exe, so how are they being allowed to run on computer B?
Please also note that all the rules are set to impact the Everyone group, with one exception allow rule that unblocks everything for a local admin account so I don't mess up my ability to use my computers.
I'm certain the correct application identification services are running, because some of the rules are being enforced on computer B. I diff-checked the policies on computer A and computer B to make sure nothing weird happened with the import/export. They're identical. Really at a loss here.
Also, I unfortunately cannot just take the image from computer A and put that on computer B. I'm developing a work instruction in which I need to outline the process for getting from a base Windows 10 installation to a configured version of Windows 10 with proper AppLocker enforcement. It would be nice if that process included simply an import of an AppLocker policy and not a manual setting of all the rules.
Any help would be greatly appreciated. Thank you for your time.
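Added example, not part of the original question: a PowerShell script that gathers the facts a comparison between the two machines should rest on. Comparing the imported rule set file-by-file only shows that the local policy XML is identical; what AppLocker enforces is the effective policy (local policy merged with any domain policy), per rule collection enforcement mode, the state of the Application Identity service, and the decision it reaches for a concrete file and user. Run it elevated on computer A and on computer B and diff the output. The export path, the Edge install path and the account under test are assumptions for the example, not values from the post.

```powershell
# Added example (not from the original post): dump what AppLocker will actually
# enforce on this machine, for side-by-side comparison of computer A and computer B.
# Assumptions (not from the post): the exported policy sits at C:\AppLocker\policy.xml,
# Edge is installed at its default per-machine path, and the account to evaluate is
# the current user. Run from an elevated PowerShell session.
[CmdletBinding()]
param(
    [string]$PolicyXml = 'C:\AppLocker\policy.xml',        # assumed export location
    [string]$User      = "$env:USERDOMAIN\$env:USERNAME",  # account rules are evaluated for
    [string[]]$TestFiles = @(
        "$env:windir\explorer.exe",
        "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe"  # assumed Edge path
    )
)

# 1. No rule is evaluated unless the Application Identity service is running.
$svc = Get-Service -Name AppIDSvc
"AppIDSvc: {0} (start type {1})" -f $svc.Status, $svc.StartType

# 2. The local policy is only one input; the effective policy is what gets enforced.
#    Load the exported file, the local policy and the effective policy as XML.
[xml]$exported  = Get-Content -Path $PolicyXml -Raw
[xml]$local     = Get-AppLockerPolicy -Local -Xml
[xml]$effective = Get-AppLockerPolicy -Effective -Xml

function Get-PolicySummary {
    # One line per rule collection: type (Exe, Msi, Script, Dll, Appx),
    # EnforcementMode (Enabled, AuditOnly or NotConfigured) and rule count.
    param([xml]$Policy, [string]$Label)
    foreach ($rc in $Policy.AppLockerPolicy.RuleCollection) {
        $rules = @($rc.ChildNodes | Where-Object { $_.NodeType -eq 'Element' })
        "{0,-9} {1,-7} EnforcementMode={2,-14} rules={3}" -f `
            $Label, $rc.Type, $rc.EnforcementMode, $rules.Count
    }
}
Get-PolicySummary -Policy $exported  -Label 'exported'
Get-PolicySummary -Policy $local     -Label 'local'
Get-PolicySummary -Policy $effective -Label 'effective'

# 3. Matching rule counts say nothing about the decision. Ask AppLocker which rule
#    (if any) matches each file for this user under the effective policy.
$effectiveFile = Join-Path $env:TEMP 'applocker-effective.xml'
$effective.Save($effectiveFile)
$present = $TestFiles | Where-Object { Test-Path -Path $_ }
Test-AppLockerPolicy -XmlPolicy $effectiveFile -Path $present -User $User |
    Format-Table FilePath, PolicyDecision, MatchingRule -AutoSize

# 4. The AppLocker event log records what actually happened at run time
#    (8002 allowed, 8003 audit-only, 8004 blocked for EXE and DLL).
Get-WinEvent -LogName 'Microsoft-Windows-AppLocker/EXE and DLL' -MaxEvents 20 `
    -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message | Format-Table -Wrap
```

If the `effective` summary lines differ between the two machines while the `exported` and `local` lines match, the difference comes from outside the imported file (another policy source or the enforcement mode of a collection); if `PolicyDecision` reports a `MatchingRule` for explorer.exe or msedge.exe on computer B, that rule name is the one to look at.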