Step-By-Step: Controlling Access in Windows 8 with AppLocker

  • Article
Recent interest on CANITPRO.NET in regards to Windows 8 for business has started a great deal of conversation around features organizations would like to learn more about. One such feature being mentioned is the AppLocker capability.  Enabling specific settings surrounding which apps can and cannot be executed, AppLocker prevents malicious software or malware and unsupported applications to be run on Windows 8 machines. Enablement of said function prevent users from installing and using unauthorized applications, and enforces security policies or compliance requirements enforced by your organization.

 

Prerequisite

  1. Download Windows Server 2012
  2. Should you not have access to a lab, follow this Step-By-Step to setup your own lab

 

Configuring an AppLocker Policy for an Individual App

  1. In Server Manager, click Tools > Group Policy Management.
     

  2. In the tree pane , expand Forest: <YourOrganization.com> > Domains.
     

  3. Right-click <YourOrganization.com> and select Create a GPO in this domain, and Link it here.
     

  4. In the New GPO dialog, type Windows 8 AppLocker Policy and click OK.
     

  5. Expand <YourOrganization.com>, Right-click Windows 8 AppLocker Policy, and click Edit. The Group Policy Management Editor appears. If you are prompted, click OK.
     

  6. In the tree pane, expandComputer Configuration\Policies\Windows Settings\Security Settings and click System Services.
     

  7. In the details pane, double-click Application Identity.
     

  8. In the Application Identity Properties dialog, click the Define this policy setting checkbox and select the Automatic radio button.

    Note: Because AppLocker uses this service to verify the attributes of a file, you must configure it to start automatically in at least one Group Policy object (GPO) that applies AppLocker rules.
     

  9. Click OK.
      

  10. In the tree pane, under Computer Configuration\Policies\Windows Settings\Security Settings expand Application Control Policies and click AppLocker.
     

  11. In the details pane, click Configure Rule Enforcement. The AppLocker Properties dialog appears.
     

  12. Under Packaged app Rules, click the Configured checkbox, and verify that Enforce rules is selected.
     

  13. Click OK.
     

  14. In the tree pane, expand AppLocker and click Packaged app Rules.

    Note: Currently no rules are configured.
     

  15. Right-click Packaged app Rules and click Create Default Rules.
     

  16. Right-click Packaged app Rules, and click Create New Rule. The Create Packaged app Rules wizard appears.

  17. On the Before You Begin page, click Next.
     

  18. On the Permissions page, select the Deny radio button and click the Select button. The Select User or Group dialog appears.
     

  19. In the Select User or Group dialog, type domain users, click Check Names and then click OK.
     

  20. Click Next.
     

  21. On the Publisher page, select the Use a packaged app installer as a reference radio button.
     

  22. Click Browse, navigate to an application such as notepad.exe, and click Open.
     

  23. Click Next.
     

  24. On the Exceptions page, click Next.

The application chosen should now disallow use on the Windows 8 machine.  Creating this GPO disallows the user to run said app.  More uses for AppLocker on Windows 8 will also be showcased on future Windows 8 posts.