Announcement

Collapse
No announcement yet.

Applocker GPO - Can I allow all except a particular program?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Applocker GPO - Can I allow all except a particular program?

    Hi everyone,

    I have a numer of application servers and somethimes a vendor connects to a server when there is an issue.
    We found out that Teamviewer was installed on one of the servers.

    I would like to block Teamviewer from being installed for everyone except a small group of domain administrators.

    Mt first thought was doing this with Applocker.
    I created a new GPO and configured a rule that denies Teamviewer based on Publisher.
    I also created the set of default rules.

    After the policy was applied it turned out the servers have applications installed on locations that were not allowed.
    For example a D drive.

    Is it possible to configure a Applocker policy that allows all by default and just make a single deny rule for Teamviewer?

    Nothing else should be blocked.. just teamviewer.

    Thanks in advance,

    Lanz
Working...
X