내보내기(0) 인쇄
모두 확장

Merge AppLocker Policies Manually

게시: 2012년 4월

업데이트 날짜: 2012년 5월

적용 대상: Windows 8, Windows Server 2012

This procedural topic describes the steps to manually merge AppLocker policies to update the Group Policy Object (GPO) in Windows Server 2012 and Windows 8.

If you have created multiple AppLocker policies and need to merge them to create one AppLocker policy, you can either manually merge the policies or use the Windows PowerShell cmdlets for AppLocker. You cannot automatically merge policies by using the AppLocker snap-in. You must create one rule collection from two or more policies. For information about merging policies by using the cmdlet, see Merge AppLocker Policies by Using Set-ApplockerPolicy.

The AppLocker policy is saved in XML format, and the exported policy can be edited with any text or XML editor. Rule collections are specified within the RuleCollection Type element. The XML schema includes five attributes for the different rule collections, as shown in the following table.

 

Rule collection RuleCollection Type element

Executable rules

Exe

Windows Installer rules

.msi file

Script rules

Script

DLL rules

Dll

Packaged apps and packaged app installers

Appx

Rule enforcement is specified with the EnforcementMode element. The three enforcement modes in the XML correspond to the three enforcement modes in the AppLocker snap-in, as shown in the following table.

 

XML enforcement mode Enforcement mode in Group Policy

NotConfigured

Not configured (rules are enforced)

AuditOnly

Audit only

Enabled

Enforce rules

Each of the three condition types use specific elements. For XML examples of the different rule types, see Merge AppLocker Policies Manually in the Windows Server 2008 R2 Technical Library.

로컬 Administrators 그룹의 구성원이거나 이에 준하는 자격이 있어야 이 절차를 완료할 수 있습니다.

  1. Open an XML policy file in a text editor or XML editor, such as Notepad.

  2. Select the rule collection where you want to copy rules from.

  3. Select the rules that you want to add to another policy file, and then copy the text.

  4. Open the policy where you want to add the copied rules.

  5. Select and expand the rule collection where you want to add the rules.

  6. At the bottom of the rule list for the collection, after the closing element, paste the rules that you copied from the first policy file. Verify that the opening and closing elements are intact, and then save the policy.

  7. Upload the policy to a reference computer to ensure that it is functioning properly within the GPO.

이 정보가 도움이 되었습니까?
(1500자 남음)
의견을 주셔서 감사합니다.

커뮤니티 추가 항목

추가
표시:
© 2014 Microsoft