Bug #11084: Windows App Locker policy is not working - product-uem 6.4.0 GA - Entgra.io

Actions

Copy link

Bug #11084

open

product-uem 7.0.0 GA - Task #12355: windows App locker policy related issues

Windows App Locker policy is not working

Added by Navod Zoysa 10 months ago. Updated about 10 hours ago.

Status:

Priority:

High

Assignee:

Navod Zoysa

Start date:

18/02/2025

Due date:

18/02/2025 (Due in 0 days)

% Done:

100%

Estimated time:

Device Type:

Windows

Component:

Type:

Windows

Description

Windows App Locker policy to allow / disallow certain apps.
Related Ticket: https://roadmap.entgra.net/issues/9309

https://docs.entgra.io/uem/6.2.0/policies/#app-locker-policy
https://learn.microsoft.com/en-us/windows/client-management/mdm/applocker-csp

Additional information:

How to get details of an app in windows: https://learn.microsoft.com/en-us/mem/configmgr/protect/deploy-use/find-a-pfn-for-per-app-vpn

EX:
Get-AppxPackage *<app_name>
consider this app: https://apps.microsoft.com/detail/9wzdncrfhvqv?hl=en-us&gl=LK
you can find the details by: Get-AppxPackage *Notes-

Payload of the policy: [2]

EX: Sample payload:
"featureCode": "APP_LOCKER",
"deviceType": "windows",
"content":[{
"id": "b1ad59a9-ae0b-4642-b385-c312d060ff45",
"name": "FIREFOX.EXE, version 68.0.0.0 and above, in FIREFOX, from O=MOZILLA CORPORATION, L=MOUNTAIN VIEW, S=CALIFORNIA, C=US",
"type": "Exe",
"description": "",
"userOrGroupSid": "S-1-1-0",
"publisherName": "O=MOZILLA CORPORATION, L=MOUNTAIN VIEW, S=CALIFORNIA, C=US",
"productName": "FIREFOX",
"binaryName": "FIREFOX.EXE",
"highSection": "*",
"lowSection": "68.0.0.0",
"enforcementMode": "x",
"action": "Deny"
}, {
"id": "351d769f-6aef-4049-b3d2-0302ef10b530",
"name": "CHROME.EXE, version 76.0.0.0 and above, in GOOGLE CHROME, from O=GOOGLE LLC, L=MOUNTAIN VIEW, S=CA, C=US",
"type": "Exe",
"description": "",
"userOrGroupSid": "S-1-1-0",
"publisherName": "O=GOOGLE LLC, L=MOUNTAIN VIEW, S=CA, C=US",
"productName": "GOOGLE CHROME",
"binaryName": "CHROME.EXE",
"highSection": "*",
"lowSection": "76.0.0.0",
"enforcementMode": "x",
"action": "Deny"
}
]

[2] {"policyName":"Windows App Locker Policy","description":"Windows App Locker Policy","active":true,"compliance":"enforce","ownershipType":null,"policyType":"GENERAL","profile":{"profileName":"Windows App Locker Policy","deviceType":"windows","profileFeaturesList":[{"featureCode":"APP_LOCKER","deviceType":"windows","content":{"appLockerContent":[{"publisherName":"CN=D23A8018-0943-4207-B03D-2E5979D9A260","name":"22944SamJarawan.-MyNotes-","id":"9WZDNCRFHVQV","type":"*","productName":"*","binaryName":"*","highSection":"*","lowSection":"0.0.0.0"}]},"correctiveActions":[]}]},"deviceGroups":[{"id":14,"name":"Test Group"}],"roles":["ANY"],"users":[]}

Files

image (1).png (222 KB) image (1).png

[1]

Arshana Atapattu, 26/06/2024 02:20 PM

Actions

Copy link

Updated by Viranga Gunarathna 9 months ago

Status changed from New to QA

Actions

Copy link

Updated by Arshana Atapattu 8 months ago

Due date set to 26/06/2024

Actions

Copy link

Updated by Arshana Atapattu 8 months ago

Description updated (diff)

Actions

Copy link

Updated by Arshana Atapattu 8 months ago

Description updated (diff)

Actions

Copy link

Updated by Arshana Atapattu 8 months ago

File image (1).png image (1).png added
Description updated (diff)

Actions

Copy link

Updated by Arshana Atapattu 8 months ago

Due date changed from 26/06/2024 to 07/07/2024

Actions

Copy link

Updated by Arshana Atapattu 7 months ago

Project changed from product-uem 6.2.0 GA to product-uem 6.3.0 GA

Actions

Copy link

Updated by Arshana Atapattu 4 months ago

Project changed from product-uem 6.3.0 GA to product-uem 7.0.0 GA
Subject changed from QA - Windows App Locker policy to Windows App Locker policy is not working
Description updated (diff)
Status changed from QA to New
Private changed from No to Yes