Project

General

Profile

Actions
Copy link

Bug #11084

open

Windows App Locker policy is not working

Added by Navod Zoysa 7 months ago. Updated 1 day ago.

Status:
New
Priority:
Medium
Assignee:
Sathira Perera
Start date:
29/04/2024
Due date:
07/07/2024 (about 5 months late)
% Done:

0%

Estimated time:
Device Type:
Component:
Type:
Windows

Description

Windows App Locker policy to allow / disallow certain apps.
Related Ticket: https://roadmap.entgra.net/issues/9309

https://docs.entgra.io/uem/6.2.0/policies/#app-locker-policy
https://learn.microsoft.com/en-us/windows/client-management/mdm/applocker-csp

Additional information:
[1]

How to get details of an app in windows: https://learn.microsoft.com/en-us/mem/configmgr/protect/deploy-use/find-a-pfn-for-per-app-vpn

EX:
Get-AppxPackage *<app_name>
consider this app: https://apps.microsoft.com/detail/9wzdncrfhvqv?hl=en-us&gl=LK
you can find the details by: Get-AppxPackage *Notes-

Payload of the policy: [2]

EX: Sample payload:
"featureCode": "APP_LOCKER",
"deviceType": "windows",
"content":[{
"id": "b1ad59a9-ae0b-4642-b385-c312d060ff45",
"name": "FIREFOX.EXE, version 68.0.0.0 and above, in FIREFOX, from O=MOZILLA CORPORATION, L=MOUNTAIN VIEW, S=CALIFORNIA, C=US",
"type": "Exe",
"description": "",
"userOrGroupSid": "S-1-1-0",
"publisherName": "O=MOZILLA CORPORATION, L=MOUNTAIN VIEW, S=CALIFORNIA, C=US",
"productName": "FIREFOX",
"binaryName": "FIREFOX.EXE",
"highSection": "*",
"lowSection": "68.0.0.0",
"enforcementMode": "x",
"action": "Deny"
}, {
"id": "351d769f-6aef-4049-b3d2-0302ef10b530",
"name": "CHROME.EXE, version 76.0.0.0 and above, in GOOGLE CHROME, from O=GOOGLE LLC, L=MOUNTAIN VIEW, S=CA, C=US",
"type": "Exe",
"description": "",
"userOrGroupSid": "S-1-1-0",
"publisherName": "O=GOOGLE LLC, L=MOUNTAIN VIEW, S=CA, C=US",
"productName": "GOOGLE CHROME",
"binaryName": "CHROME.EXE",
"highSection": "*",
"lowSection": "76.0.0.0",
"enforcementMode": "x",
"action": "Deny"
}
]

[2] {"policyName":"Windows App Locker Policy","description":"Windows App Locker Policy","active":true,"compliance":"enforce","ownershipType":null,"policyType":"GENERAL","profile":{"profileName":"Windows App Locker Policy","deviceType":"windows","profileFeaturesList":[{"featureCode":"APP_LOCKER","deviceType":"windows","content":{"appLockerContent":[{"publisherName":"CN=D23A8018-0943-4207-B03D-2E5979D9A260","name":"22944SamJarawan.-MyNotes-","id":"9WZDNCRFHVQV","type":"*","productName":"*","binaryName":"*","highSection":"*","lowSection":"0.0.0.0"}]},"correctiveActions":[]}]},"deviceGroups":[{"id":14,"name":"Test Group"}],"roles":["ANY"],"users":[]}

Files

image (1).png (222 KB) image (1).png [1] Arshana Atapattu, 26/06/2024 02:20 PM
Actions
Copy link

Also available in: Atom PDF