Remove From My Forums

AppLocker on Server Core?

Question
0

Sign in to vote

I am keen to understanding whether AppLocker is supported on Windows Server 2012 Server Core. From the following article, it sounds like it should be possible:

Windows PowerShell can used to manage AppLocker on Server Core installations using the AppLocker cmdlets and, if administered within a GPO, the Group Policy cmdlets. For more information, see the AppLocker PowerShell Command Reference.

http://technet.microsoft.com/en-us/library/hh831440.aspx

Having tried to test this, it looks like switching to Server Core removes the Application Identity service, which I understand is required for enforcement of AppLocker rules.

My online searches failed to find a definitive answer.

Thanks

Tony <a href="http://www.activedir.org">www.activedir.org </a>blog:<a href="http://www.open-a-socket.com">www.open-a-socket.com</a>

Monday, October 14, 2013 7:40 PM

Answers

0

Sign in to vote
Hi Tony,

AppLocker isn't supported on 2012 Server Core edition. Please use normal 2012 with GUI to manage AppLocker.

Thanks, Brian
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
- Marked as answer by Andy Qi Wednesday, November 6, 2013 9:39 AM
Tuesday, October 22, 2013 6:25 AM
0

Sign in to vote
Hi Tony,

Please check it out below:
http://technet.microsoft.com/en-us/library/ee424382.aspx

Regards, Brian
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
- Marked as answer by Andy Qi Wednesday, November 6, 2013 9:39 AM
Friday, November 1, 2013 11:12 AM

All replies

0

Sign in to vote

Hi ,

Thank you for posting your issue in the forum.

I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience.

Thank you for your understanding and support.

Best Regards,

Andy Qi

TechNet Subscriber Support

If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.

Wednesday, October 16, 2013 9:06 AM
0

Sign in to vote
Hi Tony,

AppLocker isn't supported on 2012 Server Core edition. Please use normal 2012 with GUI to manage AppLocker.

Thanks, Brian
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
- Marked as answer by Andy Qi Wednesday, November 6, 2013 9:39 AM
Tuesday, October 22, 2013 6:25 AM
0

Sign in to vote

Thanks Brian

It would be useful if you could ask the documentation teams to update the on-line content to reflect this.
Tony <a href="http://www.activedir.org">www.activedir.org </a>blog:<a href="http://www.open-a-socket.com">www.open-a-socket.com</a>

Monday, October 28, 2013 7:06 PM
0

Sign in to vote
Hi Tony,

Please check it out below:
http://technet.microsoft.com/en-us/library/ee424382.aspx

Regards, Brian
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
- Marked as answer by Andy Qi Wednesday, November 6, 2013 9:39 AM
Friday, November 1, 2013 11:12 AM
0

Sign in to vote

Please check it out below:
http://technet.microsoft.com/en-us/library/ee424382.aspx

Nowhere on that page does it say that Core mode isn't supported. In my testing too it seems Applocker rules are only enforced in Minimal and Full GUI modes (relies on AppIDSvc being present, which it isn't in Core mode).

Seems strange, I thought Core mode was meant to be the more secure approach?

Tuesday, December 10, 2013 1:31 AM

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support options

More support

Not an IT pro?

Answered by:

AppLocker on Server Core?

Question

Answers

All replies