Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

Enforce AppLocker Rules

Published: February 24, 2012

Updated: May 2, 2012

Applies To: Windows 8, Windows 8.1, Windows Server 2012, Windows Server 2012 R2



This topic describes how to enforce application control rules by using AppLocker in Windows Server 2012 and Windows 8.

After AppLocker rules are created within the rule collection, you can configure the enforcement setting to Enforce rules or Audit only on the rule collection.

When AppLocker policy enforcement is set to Enforce rules, rules are enforced for the rule collection and all events are audited. When AppLocker policy enforcement is set to Audit only, rules are only evaluated but all events generated from that evaluation are written to the AppLocker log.

There is no audit mode for the DLL rule collection. DLL rules affect specific applications. Therefore, test the impact of these rules first before deploying them to production.

To enforce AppLocker rules by configuring an AppLocker policy to Enforce rules, see Configure an AppLocker Policy for Enforce Rules.

CautionCaution
AppLocker rules will be enforced immediately on the local computer or when the Group Policy object (GPO) is updated by performing this procedure. If you want to see the effect of applying an AppLocker policy before setting the enforcement setting to Enforce rules, configure the policy to Audit only. For information about how to do this, see Configure an AppLocker Policy for Audit Onlyor Test an AppLocker Policy by Using Test-AppLockerPolicy.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.