deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update create-applocker-default-rules.md

Browse Source
This commit is contained in:
jsuther1974 2023-12-21 15:04:54 -08:00
parent cf509d69e8
commit 16fee2768e
1 changed files with 11 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
windows/security/application-security/application-control/windows-defender-application-control/applocker/create-applocker-default-rules.md
View File

@ -1,31 +1,28 @@
---
title: Create AppLocker default rules
description: This topic for IT professionals describes the steps to create a standard set of AppLocker rules that will allow Windows system files to run.
description: This article for IT professionals describes the steps to create a standard set of AppLocker rules that allow Windows system files to run.
ms.localizationpriority: medium
ms.topic: conceptual
ms.date: 09/21/2017
ms.date: 12/21/2023
---
# Create AppLocker default rules
>[!NOTE]
>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
This article for IT professionals describes the steps to create a standard set of AppLocker rules that allow Windows system files to run.
This topic for IT professionals describes the steps to create a standard set of AppLocker rules that will allow Windows system files to run.
AppLocker includes default rules for each rule collection. These rules are intended to help ensure that the files that are required for Windows to operate properly are allowed to run.
The AppLocker wizard can generate default rules for each rule collection. These rules are intended to help ensure that the files that are required for Windows to operate properly are allowed to run.
> [!IMPORTANT]
> You can use the default rules as a template when creating your own rules to allow files within the Windows folders to run. However, these rules are only meant to function as a starter policy when you are first testing AppLocker rules. The default rules can be modified in the same way as other AppLocker rule types.
You can perform this task by using the Group Policy Management Console for an AppLocker policy in a Group Policy Object (GPO) or by using the Local Security Policy snap-in for an AppLocker policy on a local computer or in a security template. For information how to use these MMC snap-ins to administer AppLocker, see [Administer AppLocker](administer-applocker.md#bkmk-using-snapins).
To manage an AppLocker policy in a Group Policy Object (GPO), you can perform this task by using the Group Policy Management Console. To manage an AppLocker policy for the local computer or for use in a security template, use the Local Security Policy snap-in. For info how to use these MMC snap-ins to administer AppLocker, see [Administer AppLocker](administer-applocker.md#using-the-mmc-snap-ins-to-administer-applocker).
**To create default rules**
## To create default rules
1. Open the AppLocker console.
2. Right-click the appropriate rule type for which you want to automatically generate default rules. You can automatically generate rules for executable, Windows Installer, script rules and Packaged app rules.
3. Click **Create Default Rules**.
3. Select **Create Default Rules**.
## Related topics
## Related articles
- [Understanding AppLocker default rules](understanding-applocker-default-rules.md)