none
AppLocker 2008R2 Network Locations

    Question

  • I am trying to make AppLocker work with network paths. My environment is very reliant on back end server connections for our hosted applications to function. With AppLocker in place I have had zero luck trying to allow an application coming from another server on the network to run.

    Anytime I make a change to my AppLocker policy I reboot my test machine and ensure that my changes are coming down via GPRESULT. 

    My application is located in \\servername\3MHIS\HDM\WFRONT.exe

    I have attempted the following ALLOW rule paths to the EVERYONE and DOMAIN USERS group. I wish to use path because our applications are not digitally signed by publisher and have version updates too frequently to implement a hash rule

    \\servername\*

    \\servername\3MHIS\*

    \\servername\3MHIS$

    \\servername\3MHIS\HDM\*

    \\servername\3MHIS\HDM\WFRONT.exe

    T:\* (when the client connects to the application it will map to one of these drives)

    Z:\* (when the client connects to the application it will map to one of these drives)

    Even generating the rules automatically through AppLocker does not allow the EXE to turn when pointed to the application directory.

    I am truly at a loss with AppLocker

    -Jason

    Monday, February 13, 2017 6:46 PM

All replies