Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

Create a Rule That Uses a File Hash Condition

Published: February 24, 2012

Updated: May 2, 2012

Applies To: Windows 8, Windows 8.1, Windows Server 2012, Windows Server 2012 R2



This topic shows how to create an AppLocker rule with a file hash condition in Windows Server 2012 and Windows 8.

File hash rules use a system-computed cryptographic hash of the identified file.

For information about the file hash condition, see Understanding the File Hash Rule Condition in AppLocker.

You can perform this task by using the Group Policy Management Console for an AppLocker policy in a Group Policy Object (GPO) or by using the Local Security Policy snap-in for an AppLocker policy on a local computer or in a security template. For information how to use these MMC snap-ins to administer AppLocker, see Using the MMC snap-ins to administer AppLocker.

  1. Open the snap-in, and in the console tree, double-click Application Control Policies, double-click AppLocker, and then click the rule collection that you want to create the rule for.

  2. On the Action menu, click Create New Rule.

  3. On the Before You Begin page, click Next.

  4. On the Permissions page, select the action (allow or deny) and the user or group that the rule should apply to, and then click Next.

  5. On the Conditions page, select the File hash rule condition, and then click Browse Files to locate the targeted application file.

    noteNote
    You can also click Browse Folders which calculates the hash for all the appropriate files relative to the rule collection. To remove hashes individually, click the Remove button.

  6. Click Next.

  7. On the Name and Description page, either accept the automatically generated rule name or type a new rule name, and then click Create.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.