Bug #11084: Windows App Locker policy is not working - product-uem 7.0.0 GA - Entgra.io

Bug #11084

Need to QA Windows App Locker policy to allow / disallow certain apps. 
 Related Ticket: https://roadmap.entgra.net/issues/9309 


 https://docs.entgra.io/uem/5.0.0/windows/#app-locker-policy 
 https://learn.microsoft.com/en-us/windows/client-management/mdm/applocker-csp 

 Additional information: 
 !image%20%281%29.png! 

 How to get details of an app in windows: https://learn.microsoft.com/en-us/mem/configmgr/protect/deploy-use/find-a-pfn-for-per-app-vpn 

 


 EX: 
 Get-AppxPackage *<app_name> 
 consider this app: https://apps.microsoft.com/detail/9wzdncrfhvqv?hl=en-us&gl=LK 
 you can find the details by: Get-AppxPackage *Notes- 

 Payload of the policy: [2] 

 EX: Sample payload: 
 "featureCode": "APP_LOCKER", 
 "deviceType": "windows", 
 "content":[{  
         "id": "b1ad59a9-ae0b-4642-b385-c312d060ff45", 
         "name": "FIREFOX.EXE, version 68.0.0.0 and above, in FIREFOX, from O=MOZILLA CORPORATION, L=MOUNTAIN VIEW, S=CALIFORNIA, C=US", 
         "type": "Exe", 
         "description": "", 
         "userOrGroupSid": "S-1-1-0", 
         "publisherName": "O=MOZILLA CORPORATION, L=MOUNTAIN VIEW, S=CALIFORNIA, C=US", 
         "productName": "FIREFOX", 
         "binaryName": "FIREFOX.EXE", 
         "highSection": "*", 
         "lowSection": "68.0.0.0", 
         "enforcementMode": "x", 
         "action": "Deny" 
     }, 
     { 
         "id": "351d769f-6aef-4049-b3d2-0302ef10b530", 
         "name": "CHROME.EXE, version 76.0.0.0 and above, in GOOGLE CHROME, from O=GOOGLE LLC, L=MOUNTAIN VIEW, S=CA, C=US", 
         "type": "Exe", 
         "description": "", 
         "userOrGroupSid": "S-1-1-0", 
         "publisherName": "O=GOOGLE LLC, L=MOUNTAIN VIEW, S=CA, C=US", 
         "productName": "GOOGLE CHROME", 
         "binaryName": "CHROME.EXE", 
         "highSection": "*", 
         "lowSection": "76.0.0.0", 
         "enforcementMode": "x", 
         "action": "Deny" 
     } 
     ] 


 [2] 
 {"policyName":"Windows App Locker Policy","description":"Windows App Locker Policy","active":true,"compliance":"enforce","ownershipType":null,"policyType":"GENERAL","profile":{"profileName":"Windows App Locker Policy","deviceType":"windows","profileFeaturesList":[{"featureCode":"APP_LOCKER","deviceType":"windows","content":{"appLockerContent":[{"publisherName":"CN=D23A8018-0943-4207-B03D-2E5979D9A260","name":"22944SamJarawan.-MyNotes-","id":"9WZDNCRFHVQV","type":"*","productName":"*","binaryName":"*","highSection":"*","lowSection":"0.0.0.0"}]},"correctiveActions":[]}]},"deviceGroups":[{"id":14,"name":"Test Group"}],"roles":["ANY"],"users":[]}

Back

Project

General

Profile

PRODUCT IOTS » product-uem 7.0.0 GA

Bug #11084