locked
OOBE Audit Mode and AppLocker RRS feed

  • Question

  • Hello,

    I am currently creating a Windows 8.1 customised .wim for my organisation. Upon booting into Audit Mode via Shift+Ctrl+F3 I have attempted to create a rule to "Deny" users accessing Metro Applications via AppLocker as instructed via Microsoft documentation. When selecting "use an installed packaged app as a reference" the list of applications is empty. Im suspecting this is because im in oobe audit mode? If I come out of audit mode and then set the same rule via AppLocker I am presented with a list of installed Metro applications to choose from.

    My question is how can I prevent  Metro applications from within audit mode. I really want to use local gpedit.msc and not central GPO as we dont have Server 2012 DC's.

    Any help would be appreciated.


    • Edited by Paddy831 Monday, February 17, 2014 4:28 PM
    Monday, February 17, 2014 3:49 PM

Answers

  • Assuming you have 500 clients joined to a domain, regardless of what Windows version you have on the domain controllers, I'm suggesting that you create a domain group policy using the GRoup Policy Management console installed with RSAT to deploy your desired AppLocker configuration to all 500 Machines.

    Blogging about Windows for IT pros at www.theexperienceblog.com

    • Marked as answer by Paddy831 Wednesday, February 19, 2014 4:12 PM
    Tuesday, February 18, 2014 11:26 AM

All replies

  • If I read between the lines you have some kind of domain environment with X number of domain controllers? The fact that your DCs are not 2012 or 2012 R2 does not matter at all. You can use all group policy features for Windows 8.1 if you just make sure to manage/edit group policies from a Windows 8.1 box (using Remote Server Administration Tools). That is regardless if you have Windows Server 2003 domain controllers or later.


    Blogging about Windows for IT pros at www.theexperienceblog.com

    Monday, February 17, 2014 7:52 PM
  • This should help:

    http://social.technet.microsoft.com/wiki/contents/articles/19899.how-to-update-default-apps-and-limit-access-to-windows-store.aspx

    Monday, February 17, 2014 9:43 PM
  • Thanks for the reply Andreas but I do not follow what you are saying? can you please be clearer.

    Do you expect me to RSAT to 500 workstations individually to configure the the local GP?

    Tuesday, February 18, 2014 10:47 AM
  • Thanks I will give this a try and keep you updated.
    Tuesday, February 18, 2014 11:17 AM
  • Assuming you have 500 clients joined to a domain, regardless of what Windows version you have on the domain controllers, I'm suggesting that you create a domain group policy using the GRoup Policy Management console installed with RSAT to deploy your desired AppLocker configuration to all 500 Machines.

    Blogging about Windows for IT pros at www.theexperienceblog.com

    • Marked as answer by Paddy831 Wednesday, February 19, 2014 4:12 PM
    Tuesday, February 18, 2014 11:26 AM
  • Although this will acheive what I need its a very slow, long winded way to block apps. I think Andreas blog provides a better way to remove Windows 8 installed applications (Metro). http://blogs.technet.com/b/deploymentguys/archive/2013/06/07/update-removing-built-in-applications-from-windows-8.aspx
    Tuesday, February 18, 2014 3:57 PM