Export (0) Print
Expand All

Determine Group Policy Structure and Rule Enforcement

Published: August 19, 2009

Updated: June 21, 2012

Applies To: Windows 7, Windows 8, Windows 8.1, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2



This overview topic describes the process to follow when you are planning to deploy AppLocker rules.

You should review the following topics to learn how to structure AppLocker rules for the targeted business groups in your organization:

When you are determining how many Group Policy Objects (GPOs) to create when you apply an AppLocker policy in your organization, you should consider the following:

  • Whether you are creating new GPOs or using existing GPOs

  • Whether you are implementing Software Restriction Policies (SRP) policies and AppLocker policies in the same GPO

  • GPO naming conventions

  • GPO size limits

noteNote
There is no default limit on the number of AppLocker rules that you can create. However, in Windows Server 2008 R2, GPOs have a 2 MB size limit for performance. In subsequent versions, that limit is raised to 100 MB.

After you have determined your Group Policy structure and rule enforcement, record your findings as explained in Document Group Policy Structure and AppLocker Rule Enforcement.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft