deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update edit-applocker-rules.md

Browse Source
This commit is contained in:
jsuther1974 2023-12-21 15:33:19 -08:00
parent 3ca1b6e092
commit 963086fd94
1 changed files with 29 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-applocker-rules.md
View File

@ -1,52 +1,49 @@
---
title: Edit AppLocker rules
description: This topic for IT professionals describes the steps to edit a publisher rule, path rule, and file hash rule in AppLocker.
description: This article for IT professionals describes the steps to edit a publisher rule, path rule, and file hash rule in AppLocker.
ms.localizationpriority: medium
ms.topic: conceptual
ms.date: 09/21/2017
ms.date: 12/21/2023
---
# Edit AppLocker rules
>[!NOTE]
>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
This topic for IT professionals describes the steps to edit a publisher rule, path rule, and file hash rule in AppLocker.
This article for IT professionals describes the steps to edit a publisher rule, path rule, and file hash rule in AppLocker.
For more info about these rule types, see [Understanding AppLocker rule condition types](understanding-applocker-rule-condition-types.md).
You can perform this task by using the Group Policy Management Console for an AppLocker policy in a Group Policy Object (GPO) or by using the Local Security Policy snap-in for an AppLocker policy on a local computer or in a security template. For info how to use these MMC snap-ins to administer AppLocker, see [Administer AppLocker](administer-applocker.md#bkmk-using-snapins).
To manage an AppLocker policy in a Group Policy Object (GPO), you can perform this task by using the Group Policy Management Console. To manage an AppLocker policy for the local computer or for use in a security template, use the Local Security Policy snap-in. For info how to use these MMC snap-ins to administer AppLocker, see [Administer AppLocker](administer-applocker.md#using-the-mmc-snap-ins-to-administer-applocker).
**To edit a publisher rule**
## To edit a publisher rule
1. Open the AppLocker console, and then click the appropriate rule collection.
2. In the **Action** pane, right-click the publisher rule, and then click **Properties**.
3. Click the appropriate tab to edit the rule properties.
1. Open the AppLocker console, and then select the appropriate rule collection.
2. In the **Action** pane, right-click the publisher rule, and then select **Properties**.
3. Select the appropriate tab to edit the rule properties.
- Click the **General** tab to change the rule name, add a rule description, configure whether the rule is used to allow or deny applications, and set the security group for which this rule should apply.
- Click the **Publisher** tab to configure the certificate's common name, the product name, the file name, or file version of the publisher.
- Click the **Exceptions** tab to create or edit exceptions.
- When you finish updating the rule, click **OK**.
- Select the **General** tab to change the rule name, add a rule description, configure whether the rule is used to allow or deny applications, and set the security group for which this rule should apply.
- Select the **Publisher** tab to configure the certificate's common name, the product name, the file name, or file version of the publisher.
- Select the **Exceptions** tab to create or edit exceptions.
- When you finish updating the rule, select **OK**.
**To edit a file hash rule**
## To edit a file hash rule
1. Open the AppLocker console, and then click the appropriate rule collection.
1. Open the AppLocker console, and then select the appropriate rule collection.
2. Choose the appropriate rule collection.
3. In the **Action** pane, right-click the file hash rule, and then click **Properties**.
4. Click the appropriate tab to edit the rule properties.
3. In the **Action** pane, right-click the file hash rule, and then select **Properties**.
4. Select the appropriate tab to edit the rule properties.
- Click the **General** tab to change the rule name, add a rule description, configure whether the rule is used to allow or deny applications, and set the security group in which this rule should apply.
- Click the **File Hash** tab to configure the files that should be used to enforce the rule. You can click **Browse Files** to add a specific file or click **Browse Folders** to add all files in a specified folder. To remove hashes individually, click **Remove**.
- When you finish updating the rule, click **OK**.
- Select the **General** tab to change the rule name, add a rule description, configure whether the rule is used to allow or deny applications, and set the security group in which this rule should apply.
- Select the **File Hash** tab to configure the files that should be used to enforce the rule. You can select **Browse Files** to add a specific file or select **Browse Folders** to add all files in a specified folder. To remove hashes individually, select **Remove**.
- When you finish updating the rule, select **OK**.
**To edit a path rule**
## To edit a path rule
1. Open the AppLocker console, and then click the appropriate rule collection.
1. Open the AppLocker console, and then select the appropriate rule collection.
2. Choose the appropriate rule collection.
3. In the **Action** pane, right-click the path rule, and then click **Properties**.
4. Click the appropriate tab to edit the rule properties.
3. In the **Action** pane, right-click the path rule, and then select **Properties**.
4. Select the appropriate tab to edit the rule properties.
- Click the **General** tab to change the rule name, add a rule description, configure whether the rule is used to allow or deny applications, and set the security group in which this rule should apply.
- Click the **Path** tab to configure the path on the computer in which the rule should be enforced.
- Click the **Exceptions** tab to create exceptions for specific files in a folder.
- When you finish updating the rule, click **OK**.
- Select the **General** tab to change the rule name, add a rule description, configure whether the rule is used to allow or deny applications, and set the security group in which this rule should apply.
- Select the **Path** tab to configure the path on the computer in which the rule should be enforced.
- Select the **Exceptions** tab to create exceptions for specific files in a folder.
- When you finish updating the rule, select **OK**.