@@directorcia what about blocking specific .exe files only? I mean as per tutorial, which is great, and thank you for your effort...the video describes blocking all .exe files right? and should I choose a specific .exe file it would work the same?
Hey Robert, how do you deploy the Managed Installer Applocker policy via intune. Is there a Custom URI for this? Like "./Vendor/MSFT/AppLocker/ApplicationLaunchRestrictions/Native/ManagedInstaller/Policy"? As you separate each policy . How do you deploy through Intune, the ? The Documents on MS website only mention how deploy through GPO or running a Script. cheers mate.
I think he’s asking about the text you copied from your .xml file into the string window . You showed how to block .exe & .appx only. The .appx is 9 lines of text. To block .Msi do you just use that 1 line of text ?
@@directorcia thanks. I created a small power shell script in Intune that turns on the service and sets it to automatic start. It’s working good so far.
@@inlinesix6694 If u apply AppLocker via the Intune process I highlighted using the OMI URL, everything, including starting the service, is done for you. If you use Intune for AppLocker via the method I show there should be no need for additional scripting as Intune handles the lot. I would also suggest that you really should be using WDAC rather than AppLocker as that is newer technology amd WDAC is what MS recommends you use.
@@directorcia you are right. I tried without the power shell script and all is working. I was considered MDAC but just have not spent the time researching how much is involved to just block google chrome from installing. The applocker was quick and easy though for my need.
Thanks for video. Please tell me more. What is condition need to configuration an Applocker? Ex: AD on-prime, PC joined domain? or Just Intune. Thank you
