내보내기(0) 인쇄
모두 확장

Refresh an AppLocker Policy

게시: 2012년 4월

업데이트 날짜: 2012년 5월

적용 대상: Windows 8, Windows Server 2012

This topic describes the steps to force an update for an AppLocker policy in Windows Server 2012 and Windows 8.

If you update the rule collection on a local computer by using the Local Security Policy snap-in, the policy will take effect immediately. If Group Policy is used to distribute the AppLocker policy and you want to immediately implement the policy, you must manually refresh the policy. The Group Policy refresh might take several minutes, depending upon the number of policies within the Group Policy Object (GPO) and the number of target computers.

To use Group Policy to distribute the AppLocker policy change, you need to retrieve the deployed AppLocker policy first. To prepare for the update and subsequent refresh, see Edit an AppLocker Policy and Use the AppLocker Windows PowerShell Cmdlets.

To complete this procedure, you must have Edit Setting permission to edit a GPO. By default, members of the Domain Admins group, the Enterprise Admins group, and the Group Policy Creator Owners group have this permission.

  1. Open a Command Prompt window.

  2. At the command prompt, type gpupdate /force, and then press ENTER.

  3. When the command finishes, close the Command Prompt window, and then verify that the intended rule behavior is correct. You can do this by checking the AppLocker event logs for events that include "policy applied."

To change a policy on an individual computer, or to implement that policy on other computers, without using Group Policy, you first need to update the rule within the rule collection. For information about updating existing rules, see Edit AppLocker Rules. For information about creating a new rule for an existing policy, see:

로컬 Administrators 그룹의 구성원이거나 이에 준하는 자격이 있어야 이 절차를 완료할 수 있습니다.

To refresh the AppLocker policy on the local computer

When finished, the policy is in effect.

To make the same change on another computer, you can use any of the following methods:

  • From the computer that you made the change on, export the AppLocker policy, and then import the policy onto the other computer. To do this, use the AppLocker Export Policy and Import Policy features to copy the rules from the changed computer.

    Caution주의
    When importing rules from another computer, all the rules will be applied, not just the one that was updated. Merging policies allows both existing and updated (or new) rules to be applied.

  • Merge AppLocker policies. For procedures to do this, see Merge AppLocker Policies Manually and Merge AppLocker Policies by Using Set-ApplockerPolicy.

이 정보가 도움이 되었습니까?
(1500자 남음)
의견을 주셔서 감사합니다.

커뮤니티 추가 항목

추가
표시:
© 2014 Microsoft