Skip to main content

Restrict Access to Programs with AppLocker in Windows 7

If you share a computer and don’t want other users accessing certain applications, there is a new feature in Windows 7 that allows you to block them. Today we take a quick look at restricting what programs other users can access using AppLocker.
Note: AppLocker is only available in Ultimate and Enterprise versions of Windows 7.

Using AppLocker
To access Group Policy Editor and create rules in AppLocker you’ll need to be logged in as Administrator. Click on Start and type gpedit.msc into the search box and hit Enter.
1-app
Under Local Computer Policy go to Computer Configuration \ Windows Settings \ Security Settings \ Application Control Policies \ AppLocker.

Now you will see the overall controls for the applications.

Under Configure Rule Enforcement click on the Configure rule enforcement link.

Now under AppLocker Properties check the boxes next to Configured under Executable rules then click Ok.

Blocking Apps from Running
In this scenario, Jack wastes time playing games like Minesweeper and Solitaire when he should be doing his homework, so we are going to block all of the games. After completing the steps above, under the Overview section click on Executable Rules.

Since this is your first time accessing AppLocker, there will be no rules listed. Right-click and select Create New Rule…

This opens up the Create Executable Rules wizard and you can select not to show the introduction screen at start up for the next time you access it.

Select Permissions under Action select Deny.
 
Add the user you want to block, in this case it’s Jack.

After you’ve selected the deny action and selected the user continue to the next step.

In Conditions you can select from Publisher, Path or File hash. We don’t want Jack to have access to any of the games. so we will select Path.

Click on Browse Folders and select the Microsoft Games folder.

In the next screen you could add Exceptions like allowing certain files, but because we are blocking the entire games directory we’ll skip to the next screen.

Here you can add a description to the rule so you can keep track of them is there are several rules configured. When everything looks right click on Create.

A message pops up saying default rules haven’t been created yet. It is important to make sure they are created so click Yes to this message.

Now you will see the default rules and the new one you created showing Jack is denied access to the Microsoft Games directory.

After creating the rule make sure and go into services and make Application Identification is started and that it’s set to automatically start as well otherwise the rules won’t work. By default this service is not started so you will need to enable it.

Now, when Jack logs into his user account and tries to access the games he will only see the following message. Only an Administrator can go in and change the rule.

Comments

Popular posts from this blog

How To Recover Passwords Using Ophcrack LiveCD

Ophcrack LiveCD 3.4.0 is a completely self contained, bootable version of Ophcrack 3.4.0 - the easiest and most effective tool that I've ever found to "crack" your forgotten Windows password. For a quick overview of Ophcrack, see my complete review of Ophcrack 3.4.0 . Ophcrack is a free software program that recovers passwords so the first step you'll need to take is to visit Ophcrack's website . When the Ophcrack website loads as shown above, click the Download ophcrack LiveCD button. Note: Since you obviously can't get into your computer right now because you don't know the password, these first four steps will need to be completed on another computer that you have access to. This other computer will need to have access to the Internet and the capability to burn a disc (like a CD, DVD, etc.). Another Note: The instructions I've put together here walk you through the entire process of using Ophcrack LiveCD to recover your password. If you...

Linuxfx 10 : A Windows-Like Linux Distro

The idea of Linuxfx is to make it easier for people who are migrating from Windows 7. People who are dissatisfied with the lack of security and stability of Windows 10 are also fit for Linuxfx. LinuxFX Desktop : Apart from Windows-like looks, Linuxfx also has more to offer which a regular user will definitely admire. So, let’s get along with me to know more about Windows alternative Linuxfx. As usual, I started by downloading the ISO image of Linuxfx from the official site  here . Then, instead of dual-booting, I decided to install it on my VirtualBox to play safely. After finishing the basic configuration, as soon as I booted it, I noticed a Windows logo and system integrity check. That’s quite surprising because every Linux distro puts their own or OEM logo on that place. But I think Linuxfx wants to make migrating users feel like home from the beginning. Entering the boot menu, Linuxfx redirected and logged in to a live session. Whoah! it can also detect the system I’m using — a...

Share Registry Editor Favorite Keys Across Computers

if you spend a lot of time inside your registry editor, you might already know that you can use the Favorites feature to add in a bookmark to a specific key in the registry, saving you immense amounts of time when you need to check a bunch of different keys. But did you think about exporting that list so you can use it on any computer? Here’s the menu I’m talking about: For instance, here I’m adding in a favorite for the local machine’s Run key, used to launch applications across all users. Now when I use the menu item, it will navigate me instantly to that key in the registry, no matter where I currently am. As I added a few favorites, it occurred to me that I should figure out where those menu items are being stored… Now browse down to this registry key to find the favorites list: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\Favorites And there’s the favorite we just saved… so how does this help you? If you export this r...