Windows 10
A Microsoft operating system that runs on personal computers and tablets.
11,743 questions
Thank you for your response.
I've run command and paste results
Please advice
===
AppLocker is not effect in Windows 10 Pro 20H2
YUKI ABE
1
Reputation point
Thank you for looking this question. I would use Applocker in Win10 Pro 20H2.
Using Applocker, it prohibit to run downloaded files by User (as MSI Installer, *.exe).
1) I created a GPO by GPMC on Windows Server 2019.
GPO is include that Everyone cannot run any application in "C:\program files*"
2) GPO is linked to OU that it belong to the target windows 10 client pc.
3) it run "gpupdate /force" and restart windows 10 pc
4) I test that applocker prohibited application is run. but there is a no effect. any application is lunched
--
My question is that
Is Not Windows 10 Pro 20H2 support AppLocker?
How version of windows 10 is support AppLocker?
With regards
Windows 10
Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,518 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,935 questions
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 96%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFF%3C/text%3E%3C/svg%3E)
Fan Fan 15,351 Reputation points Microsoft Vendor2021-01-22T00:40:22.797+00:00 Hi,
To understand the issue more clearly, would you please run the command :gpresult /h report.html and share a screenshot here?(Please hide the private information).
Best Regards,
Sign in to comment
4 answers
Sort by: Most helpful
-
YUKI ABE 1 Reputation point
2021-01-22T02:06:49.827+00:00 -
YUKI ABE 1 Reputation point
2021-01-22T03:03:30.717+00:00 After then, I tried to disable fast startup as referred below linked documents.
And, it effected any GPO to target PC.
I'll try applocker a bit more.
With regards
-
Fan Fan 15,351 Reputation points Microsoft Vendor
2021-01-22T07:22:51.587+00:00 Hi,
When you run the command ,need to run cmd as administrator and type the command :gpresult /h report.html.
Then you can see the computer settings on this computer.
Or you can just see the user settings.
Best Regards, -
Fan Fan 15,351 Reputation points Microsoft Vendor
2021-01-25T08:00:29.513+00:00 Hi,
Just want to confirm the current situations.
If there's anything you'd like to know, don't hesitate to ask.Best Regards,
Sign in to comment -
-
YUKI ABE 1 Reputation point
2021-01-25T08:39:30.25+00:00 Thank you for your response.
Applocker is Effected in Win 10 Pro 20H2.
The only reason was that the GPO was not working in fast mode.
It solved.
With regards.
-
Mark Heitbrink 96 Reputation points2021-01-25T13:20:09.797+00:00 Hi YUKIABE-9181,
The Group Policy solution shouldn´t work on the professional SKU. Group Policy requires Enterprise..
Applocker on Professional needs the CSP which is not that easy to apply.
https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker
See the notes:
[...] You can only manage AppLocker with Group Policy on devices running Windows 10 Enterprise,https://msendpointmgr.com/2020/09/20/does-applocker-work-in-windows-10-pro-yes-it-does/
You can use Software Restriction Policies on Professional.
Mark