This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 36%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
after enabling applocker trough endpoint manager with just the default rules ,only on exe files, i cant open the company portal.
i already tried adding the CompanyPortal.exe hash to the rules but i think it could be an other exe file that is started by the company portal that is blocked how do i find out which ?
in event viewer i get this error in system log:
Unable to start a DCOM Server: Microsoft.CompanyPortal_11.0.11491.0_x64__8wekyb3d8bbwe!App as Unavailable/Unavailable. The error:
"2147943660"
Happened while starting this command:
"C:\Program Files\WindowsApps\Microsoft.CompanyPortal_11.0.11491.0_x64__8wekyb3d8bbwe\CompanyPortal.exe" -ServerName:App.AppX6s9cdx1jy5jd6t9ardd3z4mjbjxsftk4.mca
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 54%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
You must configure a rule under "Packaged App Rule".
First install the Company Portal over the store and then create the rule...
We had the same issue and solved it as you mentioned above. Still that doesn't make sense. The Company Portal is an executable inside %ProgramFiles% hence should be excluded by default, and since we didn't configure a rule for Packaged App, why was it blocked anyway? I had to configure it as AUDIT only and it worked.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 33%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECW%3C/text%3E%3C/svg%3E)
Can I know if the company portal can be opened when applocker enabled on premise not in endpoint manager? The process flow goes like this: We first model the policy we want to implement using AppLocker in Group Policy Editor. We then export the XML for that policy and use it to create a new, custom Windows 10 Device Configuration policy in Intune. Once the custom policy is deployed, the same policy behavior we modeled with AppLocker in Group Policy Editor is then applied to our targeted Windows 10 devices. Therefore, if it restrict Company portal to open, we need to check if the XML file itself has some restriction with Company Portal.
Also, according to my test, after configuring one applocker policy, other policies will be set as Deny by default in Applocker, please also check if all the policies in Applocker have any restriction with Company Portal.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
@nvdl I am just writing to see if there is any update for this issue. Please feel free to reply to me if there is any update.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 14.000000000000002%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVN%3C/text%3E%3C/svg%3E)
Markus had the right solution, i should have added all default rules instead of only adding exe and msi rules.
thank you for your intrest
Glad to see you have found the solution. I think end users in the community will benefit from your answer. If you have any questions in the future, feel free to post back. Have a nice day!