![]() $className = "MDM_AppLocker_ApplicationLaunchRestrictions01_StoreApps03" Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID=`'$parentID`' and InstanceID='Script'" | Remove-CimInstance Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID=`'$parentID`' and InstanceID='Msi'" | Remove-CimInstance Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID=`'$parentID`' and InstanceID='EXE'" | Remove-CimInstance $className = "MDM_AppLocker_ApplicationLaunchRestrictions01_EXE03" #The first code block deletes all existing rules so that new rules can be written.# ![]() I will omit the credits for Sandy Zeng to save space here, but if you decide to utilize it, please give her credit by including the notes, as seen in the script above): The script for step 2 will be the following (save it as applocker.ps1). Deploy a scheduled task that runs a PowerShell script to utilize the WMI MDM Bridge to apply these rules.That GPO will deploy the registry settings that we need to configure the rules in the second step. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |