![]() I am implementing Applocker but I'm running into some issues where the logs are saying some. exes will be blocked when the policy is enforced. AppLocker - simple lock screen for iOS Application ( Swift 4+, iOS 9. I have a majority of my computers in audit mode and forwarding the logs to an event collector. In the documentation mentioned above, it says that you can push this via GPO (obviously) or script. I went over to AppLocker CSP documentation to see if I can find more information and it really seems that there isn't a way to do it via CSP. If I want to "trust" the Intune Agent, shouldn't I be able to push this policy via Intune too? Am I crazy? I'm starting to feel that I don't get the concept of the CSP right. We don't have a DC or SCCM, all our machines are AADJ devices, so no GPO is available for us. Seems a bit too much to create a Win32 package with the script and XML inside to apply this via MEM. There's also no way to put apps into a folder and add a passcode to it unless your iPad is jailbroken. It seems that this AppLocker CSP defines the WDAC CodeIntegrity Policy. When you go to the app locker listing in the repo, is there any information on how to contact the developer in the description In regards to Safari, you can go to Settings>General>Restrictions and turn off Safari. I have already successfully pushed our WDAC policy via ApplicationControl OMA-URI though. One of our settings in WDAC policy is to enable the option of Managed Installer. An not very well formatted example down below (sorry I'm on my cell) It seems that besides WDAC Policy, an additional AppLocker policy of Type="ManagedInstaller" needs to be pushed to the endpoint listing the types of "trusted" managed installer that you want allow it.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |