Impossible to open .hta file after activating the Control Application (ARS / Intunes)

David B 41 Reputation points
2022-05-06T14:36:52.133+00:00

Hi,

After activating the "Application Control" of ARS in Intunes, I can no longer run files with the .hta extension. I have no error messages or alerts in Defender.

199686-capture.png

I deleted the strategy to go back, the blockage persists.

Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,807 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,730 questions
0 comments No comments
{count} votes

Accepted answer
  1. Lu Dai-MSFT 28,366 Reputation points
    2022-05-10T01:41:42.113+00:00

    @David B Thanks for your update.

    If you want to configure this setting to "Not configured", it seems a workaround that try to find the registry key of this setting and then change the registry key to remove the setting.

    If you want to make it via intune, it is needed to do the following actions:

    1. Please remove the group in assignment of the Control Application policy.
    2. Create a Powershell Script that can change the registry key of the target setting.
    3. Deploy this script via intune.
      https://learn.microsoft.com/en-us/mem/intune/apps/intune-management-extension

    Hope it will give you some ideas.

    0 comments No comments

3 additional answers

Sort by: Most helpful
  1. Lu Dai-MSFT 28,366 Reputation points
    2022-05-09T01:37:05.62+00:00

    @David B Thanks for posting in our Q&A. From your description, did you mean that you have removed the group in assignment, but this policy still worked? If there is anything unclear, please correct me.

    For this issue, it seems that this policy is tattooed. Intune deploys policies based on the windows CSPs. The tattoo is an issue or limitation from Windows CSPs. For more details, please refer to the following link:
    https://www.anoopcnair.com/intune-policy-tattooed-not-tattooed-windows-csp/
    Note: Non-Microsoft link, just for the reference.

    Thanks for your understanding.


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

  2. David B 41 Reputation points
    2022-05-09T09:58:41.087+00:00

    Hi,

    thank you for your feedback

    Yes, we have removed the group in assignment

    0 comments No comments

  3. David B 41 Reputation points
    2022-05-10T12:55:01.89+00:00