mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-12 13:27:23 +00:00
Merged PR 2653: AppLocker CSP - added two new SyncML whitelist examples
This commit is contained in:
Maricia Alforque
parent
df339fc0de
commit
c8495ea5b4
@ -7,7 +7,7 @@ ms.topic: article
|
|||||||
ms.prod: w10
|
ms.prod: w10
|
||||||
ms.technology: windows
|
ms.technology: windows
|
||||||
author: nickbrower
|
author: nickbrower
|
||||||
ms.date: 06/19/2017
|
ms.date: 08/10/2017
|
||||||
---
|
---
|
||||||
|
|
||||||
# AppLocker CSP
|
# AppLocker CSP
|
||||||
@ -791,8 +791,70 @@ The following list shows the apps that may be included in the inbox.
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
## Whitelist example
|
## Whitelist examples
|
||||||
|
|
||||||
|
The following example disables the calendar application.
|
||||||
|
|
||||||
|
``` syntax
|
||||||
|
<SyncML xmlns="SYNCML:SYNCML1.2">
|
||||||
|
<SyncBody>
|
||||||
|
<Add>
|
||||||
|
<CmdID>$CmdID$</CmdID>
|
||||||
|
<Item>
|
||||||
|
<Target>
|
||||||
|
<LocURI>./Vendor/MSFT/PolicyManager/My/ApplicationManagement/ApplicationRestrictions</LocURI>
|
||||||
|
</Target>
|
||||||
|
<Meta>
|
||||||
|
<Format xmlns="syncml:metinf">chr</Format>
|
||||||
|
<Type xmlns="syncml:metinf">text/plain</Type>
|
||||||
|
</Meta>
|
||||||
|
<Data><AppPolicy Version="1" xmlns="http://schemas.microsoft.com/phone/2013/policy"><Deny><App ProductId="{a558feba-85d7-4665-b5d8-a2ff9c19799b}"/></Deny></AppPolicy>
|
||||||
|
</Data>
|
||||||
|
</Item>
|
||||||
|
</Add>
|
||||||
|
<Final/>
|
||||||
|
</SyncBody>
|
||||||
|
</SyncML>
|
||||||
|
```
|
||||||
|
|
||||||
|
The following example blocks the usage of the map application.
|
||||||
|
|
||||||
|
``` syntax
|
||||||
|
<SyncML xmlns="SYNCML:SYNCML1.2">
|
||||||
|
<SyncBody>
|
||||||
|
<Add>
|
||||||
|
<CmdID>$CmdID$</CmdID>
|
||||||
|
<Item>
|
||||||
|
<Target>
|
||||||
|
<LocURI>./Vendor/MSFT/AppLocker/ApplicationLaunchRestrictions/AppLockerPhoneGroup0/StoreApps/Policy</LocURI>
|
||||||
|
</Target>
|
||||||
|
<Meta>
|
||||||
|
<Format xmlns="syncml:metinf">chr</Format>
|
||||||
|
</Meta>
|
||||||
|
<Data>
|
||||||
|
<RuleCollection Type="Appx" EnforcementMode="Enabled">
|
||||||
|
<FilePublisherRule Id="a9e18c21-ff8f-43cf-b9fc-db40eed693ba" Name="(Default Rule) All signed Appx packages" Description="Allows members of the Everyone group to run Appx packages that are signed." UserOrGroupSid="S-1-1-0" Action="Allow">
|
||||||
|
<Conditions>
|
||||||
|
<FilePublisherCondition PublisherName="*" ProductName="*" BinaryName="*">
|
||||||
|
<BinaryVersionRange LowSection="0.0.0.0" HighSection="*" />
|
||||||
|
</FilePublisherCondition>
|
||||||
|
</Conditions>
|
||||||
|
</FilePublisherRule>
|
||||||
|
|
||||||
|
<FilePublisherRule Id="fd686d83-a829-4351-8ff4-27c7de5755d2" Name="Deny Splash appmaps" Description="Deny members of the local Administrators group to run maps." UserOrGroupSid="S-1-1-0" Action="Deny">
|
||||||
|
<Conditions>
|
||||||
|
<FilePublisherCondition PublisherName="CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US" ProductName="Microsoft.WindowsMaps" BinaryName="*" />
|
||||||
|
</Conditions>
|
||||||
|
</FilePublisherRule>
|
||||||
|
|
||||||
|
</RuleCollection>
|
||||||
|
</Data>
|
||||||
|
</Item>
|
||||||
|
</Add>
|
||||||
|
<Final/>
|
||||||
|
</SyncBody>
|
||||||
|
</SyncML>
|
||||||
|
```
|
||||||
|
|
||||||
The following example for Windows 10 Mobile denies all apps and allows the following apps:
|
The following example for Windows 10 Mobile denies all apps and allows the following apps:
|
||||||
|
|
||||||
|
|||||||
@ -10,7 +10,7 @@ ms.topic: article
|
|||||||
ms.prod: w10
|
ms.prod: w10
|
||||||
ms.technology: windows
|
ms.technology: windows
|
||||||
author: nickbrower
|
author: nickbrower
|
||||||
ms.date: 08/04/2017
|
ms.date: 08/10/2017
|
||||||
---
|
---
|
||||||
|
|
||||||
# What's new in MDM enrollment and management
|
# What's new in MDM enrollment and management
|
||||||
@ -1332,6 +1332,10 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
|
|||||||
<li> 3 – Hides overrides (encrypt, prompt but hide overrides, and audit).</li>
|
<li> 3 – Hides overrides (encrypt, prompt but hide overrides, and audit).</li>
|
||||||
</ul>
|
</ul>
|
||||||
</td></tr>
|
</td></tr>
|
||||||
|
<tr class="odd">
|
||||||
|
<td style="vertical-align:top">[AppLocker CSP](applocker-csp.md)</td>
|
||||||
|
<td style="vertical-align:top"><p>Added two new SyncML examples (to disable the calendar app and to block usage of the map app) in [Whitelist examples](applocker-csp.md#whitelist-examples).</p>
|
||||||
|
</td></tr>
|
||||||
<tr class="even">
|
<tr class="even">
|
||||||
<td style="vertical-align:top">[Policy CSP](policy-configuration-service-provider.md)</td>
|
<td style="vertical-align:top">[Policy CSP](policy-configuration-service-provider.md)</td>
|
||||||
<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1709:</p>
|
<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1709:</p>
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user