Enforce AppLocker rules
This article for IT professionals describes how to enforce application control rules by using AppLocker.
After AppLocker rules are created within the rule collection, you can configure the enforcement setting to Enforce rules or Audit only on the rule collection.
When AppLocker policy enforcement is set to Enforce rules, rules are enforced and events are logged to the AppLocker logs. When AppLocker policy enforcement is set to Audit only, rules are only evaluated but events generated from that evaluation are written to the AppLocker logs.
To enforce AppLocker rules by configuring an AppLocker policy to Enforce rules, see Configure an AppLocker policy for enforce rules.
Warning
AppLocker rules will be enforced immediately on the local device or when the Group Policy object (GPO) is updated by performing this procedure. If you want to see the effect of applying an AppLocker policy before setting the enforcement setting to Enforce rules, configure the policy to Audit only. For info about how to do this, see Configure an AppLocker policy for audit onlyor Test an AppLocker policy by Using Test-AppLockerPolicy.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for