{"id":6771,"date":"2016-05-09T16:51:07","date_gmt":"2016-05-09T16:51:07","guid":{"rendered":"http:\/\/www.top-password.com\/blog\/?p=6771"},"modified":"2016-05-09T16:51:07","modified_gmt":"2016-05-09T16:51:07","slug":"prevent-other-users-from-accessing-windows-apps-with-applocker","status":"publish","type":"post","link":"https:\/\/www.top-password.com\/blog\/prevent-other-users-from-accessing-windows-apps-with-applocker\/","title":{"rendered":"Prevent Other Users from Accessing Windows Apps with AppLocker"},"content":{"rendered":"

AppLocker is a Window’s built-in application that gives the administrator a very granular control over which applications are allowed to execute and which are blocked for a Windows account. This feature is really useful if you share a computer and don’t want other users accessing certain applications. <\/p>\n

Today we’ll walk you through how to create rules in AppLocker to prevent other users from accessing certain applications in Windows 10, 8 and 7.<\/p>\n

How to Restrict Access to Programs with Windows AppLocker?<\/strong><\/p>\n

    \n
  1. Press Windows key + R to open the Run dialog box. Type gpedit.msc<\/strong> and press Enter.\n

    \"gpedit\"<\/p>\n<\/li>\n

  2. Under Local Group Policy Editor, navigate to:
    \n\tComputer Configuration -> Windows Settings -> Security Settings -> Application Control Policies -> AppLocker -> Executable Rules<\/code><\/li>\n
  3. Right-click on Executable Rules<\/strong> in the left pane, and then select Create New Rule<\/strong>.\n

    \"applocker\"<\/p>\n<\/li>\n

  4. Click Next<\/strong> to bypass the Before You Begin<\/em> screen. On the Permissions<\/em> page, select Deny<\/strong> (Click Allow<\/strong> if you want to restrict what programs other users can access only).\n

    \"permissions-page\"<\/p>\n

    Click on the Select<\/strong> button to choose the user or groups you want the rule to apply. When it’s done, click Next<\/strong> to reach the Conditions<\/em> page.<\/li>\n

  5. AppLocker rules can identify programs using the following conditions: Publisher<\/strong>, Path<\/strong> and File hash<\/strong>. Publisher condition relies on the digital signature of the executable file.\n

    \"conditions-page\"<\/p>\n

    Here we’ll choose File hash<\/strong> because AppLocker can still identify the program even if it’s renamed or moved.<\/li>\n

  6. On the File Hash<\/em> page, click Browse Files<\/strong> and find the executable file for the application to which you want this rule to apply, or click Browse Folders<\/strong> if you want the system to calculate a hash for all of the executable files in a folder. Click Next<\/strong>.\n

    \"file-hash-page\"<\/p>\n<\/li>\n

  7. Type a name for the rule that will make it easy for you to remember what it is, and then click on Create<\/strong>.\n

    \"name-and-description\"<\/p>\n<\/li>\n

  8. When prompted to create the default rules, make sure you click Yes<\/strong>. This is to ensure that the rules you created don’t block operating system files from running.\n

    \"create-default-rules\"<\/p>\n<\/li>\n

  9. Now you will see three default rules and the new one you created.\n

    \"applocker-rules\"<\/p>\n

    Restart your computer for the AppLocker rules to come into effect. When you try to run the blocked application, you’ll receive an error: “This app has been blocked by group policy. For more information, please contact your system administrator.<\/em>”<\/p>\n

    \"app-blocked-by-group-policy\"<\/p>\n<\/li>\n<\/ol>\n

    AppLocker Doesn’t Work?<\/strong><\/p>\n

    AppLocker doesn’t work under either an admin account or a standard account? AppLocker not blocking application even if you set up the executable rule correctly? AppLocker relies on the built-in Application Identity<\/strong> service, which is normally set to manual startup type by default. Administrators should configure the service to start automatically.<\/p>\n

    To bring AppLocker back to work, follow these steps to start the Application Identity service:<\/p>\n

      \n
    1. Press Windows key + R to open the Run dialog box. Type services.msc<\/strong> and press Enter.\n

      \"services-msc\"<\/p>\n<\/li>\n

    2. Right-click on the Application Identity<\/strong> service, and select Properties<\/strong>.\n

      \"services\"<\/p>\n<\/li>\n

    3. Set the Startup type<\/strong> to Automatic<\/strong> and click on the Start<\/strong> button to run the service.\n

      \"application-identity-service\"<\/p>\n<\/li>\n

    4. Click on Apply<\/strong> and then OK<\/strong>.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"

      AppLocker is a Window’s built-in application that gives the administrator a very granular control over which applications are allowed to execute and which are blocked for a Windows account. This feature is really useful if you share a computer and don’t want other users accessing certain applications. Today we’ll walk you through how to create […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1,10,1894,3,39],"tags":[2691,2688,2690,2689,2692],"class_list":["post-6771","post","type-post","status-publish","format-standard","hentry","category-others","category-tips-tricks","category-windows-10","category-windows-7","category-windows-8","tag-applocker-block-application","tag-applocker-not-working","tag-block-programs-with-applocker","tag-configure-applocker-group-policy","tag-prevent-windows-program-from-running"],"_links":{"self":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts\/6771","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/comments?post=6771"}],"version-history":[{"count":9,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts\/6771\/revisions"}],"predecessor-version":[{"id":6792,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/posts\/6771\/revisions\/6792"}],"wp:attachment":[{"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/media?parent=6771"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/categories?post=6771"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.top-password.com\/blog\/wp-json\/wp\/v2\/tags?post=6771"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}