338 Commits

Author SHA1 Message Date
Justin Hall
29ab6d569d fixed syntax 2017-07-11 12:02:21 -07:00
Justin Hall
cd812d03bb copyedits 2017-07-11 11:35:40 -07:00
Kaushik Ainapure
66763a225b Document how to clear AppLocker rules on an individual system and remote systems
In order to clear AppLocker policies from a machine you must use the Set-AppLockerPolicy cmdlet with the -XMLPolicy parameter using a .XML file which contains the following contents:

<AppLockerPolicy Version="1">
  <RuleCollection Type="Exe" EnforcementMode="NotConfigured" />
  <RuleCollection Type="Msi" EnforcementMode="NotConfigured" />
  <RuleCollection Type="Script" EnforcementMode="NotConfigured" />
  <RuleCollection Type="Dll" EnforcementMode="NotConfigured" />
</AppLockerPolicy>

To use the Set-AppLockerPolicy cmdlet, we must first import the AppLocker modules.  To do this:

PS C:\Users\Administrator> import-module AppLocker

We will create a file, for example called clear.xml, place it in the same directory in which we are executing our cmdlet, and fill it with the XML contents above.  Then you must execute the following command:

C:\Users\Administrator> Set-AppLockerPolicy -XMLPolicy .\clear.xml

This will remove all AppLocker Policies on a machine and could be potentially scripted to use on multiple machines using remote execution tools with accounts with proper access.
2017-07-11 17:58:51 +05:30
Ryen
55c67d84ac Update Link URL
Updated AppLocker PowerShell Command Reference Link
2017-06-30 10:11:09 +12:00
Elizabeth Ross
c5564b2179 Merge pull request #212 from enigma0x3/credit_fix
Updated to include Alex Ionescu credit
2017-06-28 16:19:27 -07:00
Elizabeth Ross
6d6405321d Merge pull request #220 from enigma0x3/ntkd_addition
Ntkd kernel debugger addition
2017-06-28 16:15:44 -07:00
Matt Nelson
d12d7affec added ntkd debugger
kernel debugger, nearly identical to kd.exe
2017-06-28 11:18:18 -07:00
Justin Hall
afc2e557d3 added link to feature table 2017-06-23 13:46:15 -07:00
Justin Hall
cc29c4ba47 clarified TPM 2.0 requirement 2017-06-23 13:07:27 -07:00
junkui chen
483dee8d5a fix key 2017-06-22 13:42:36 +08:00
Ying Hua
5b99799e65 fix document id 2017-06-21 12:55:59 +00:00
Matt Nelson
34e135859f Updated to include Alex Ionescu credit
Alex contributed to the bash.exe and lxssmanager.dll findings. Reference: https://twitter.com/aionescu/status/876226982534565889
2017-06-20 12:01:19 -04:00
Matt Nelson
2436f248fb Updated to include fsiAnyCpu.exe
Same as FSI.exe, has different fileName.
2017-06-20 11:07:09 -04:00
Kaushik Ainapure
fb91e970b0 Updating applying product
The applying product of this page is "Windows 10", but it is correctly "Windows Server 2016".  Failover-Clustering function can not be enabled on Windows 10.
2017-06-19 18:36:59 +05:30
Elizabeth Ross
910b0ba04b Merge pull request #880 from jotob-msft/block_list4
Block list4
2017-06-16 17:22:42 -07:00
John Tobin
4ca36ec740 Remove reference to WSH 2017-06-16 16:59:00 -07:00
John Tobin
bde7f93ecf Remove reference to WSH 2017-06-16 16:53:56 -07:00
Elizabeth Ross
415dc36d3f Merge pull request #874 from jotob-msft/block_list3
Block list3
2017-06-16 11:05:06 -07:00
John Tobin
c304d1940f Revision to CI policies:steps 2017-06-16 09:50:20 -07:00
John Tobin
c2535782d0 Uploaded planning doc again 2017-06-16 09:37:09 -07:00
John Tobin
a0fe6b1c15 Add and remove content from Deploy CI policies:steps 2017-06-16 09:24:58 -07:00
Elizabeth Ross
3a1e19b50b Revert "Edits to block list process steps document." 2017-06-15 09:45:07 -07:00
Elizabeth Ross
ad3cf84400 Merge pull request #865 from jotob-msft/block_list2
Edits to block list process steps document.
2017-06-14 12:09:17 -07:00
John Tobin
6e2b5a8c67 Fix line validation warning 2017-06-14 11:57:49 -07:00
John Tobin
4420622fe3 Fix notes2 2017-06-14 11:13:10 -07:00
John Tobin
9a0c467cb5 Fix notes 2017-06-14 10:35:14 -07:00
Justin Hall
640a04bf64 removed topic about how Windows 10 uses TPM to allow more review 2017-06-14 10:31:50 -07:00
John Tobin
b0bdc1c877 Fix note and syntax 2017-06-13 17:27:32 -07:00
John Tobin
1479189fb8 Block list edits 2017-06-13 16:44:16 -07:00
Justin Hall
285fe39fb0 Revert "Add Microsoft block list topic/scripts" 2017-06-13 16:19:25 -07:00
Elizabeth Ross
44efa75f41 Merge pull request #859 from jotob-msft/block_list
Add Microsoft block list topic/scripts
2017-06-13 16:11:26 -07:00
John Tobin
6e2c2ca91a Added further script content 2017-06-13 13:53:15 -07:00
John Tobin
9c0c9efdc9 Added missing parenthesis to planning and deployment doc 2017-06-13 13:09:38 -07:00
Brian Lich
3377ac4831 adding default ms.date metadata 2017-06-13 13:05:51 -07:00
John Tobin
c55b22fdb1 Add Microsoft block list topic/scripts 2017-06-13 11:49:59 -07:00
Justin Hall
6ed02dada7 fixing relative path to images 2017-06-13 06:28:18 -07:00
Justin Hall
e722e4c327 fixed path to png files 2017-06-12 19:52:32 -07:00
Justin Hall
7df60dbb4b added new tpm topic from cela 2017-06-12 19:35:05 -07:00
Justin Hall
7a9456b33c copyedits 2017-06-12 13:05:38 -07:00
LizRoss
3e0e7e6d13 Merge branch 'master' of https://github.com/Microsoft/windows-itpro-docs 2017-06-12 12:22:50 -07:00
Brian Lich
44c02bb430 adding global metadata 2017-06-12 12:06:42 -07:00
Hany Farag
edfde175b3 Create tpm-recommendations.md
I own the TPM and we need to make a clarification that BitLocker on TPM 2.0 requires UEFI boot.
2017-06-12 10:15:27 -07:00
Justin Hall
c520acf269 removed security baselines file 2017-06-08 12:56:58 -07:00
Elizabeth Ross
7fb7ff58aa Merge pull request #202 from yusufozturk/patch-1
Typo fix for ICMP DoS Attack
2017-05-30 08:28:53 -07:00
Elizabeth Ross
9c884932a8 Merge pull request #203 from yusufozturk/patch-2
Typo fix for ICMP DoS Attack
2017-05-30 08:28:34 -07:00
Yusuf Ozturk
c8182dad77 Typo fix for ICMP DoS Attack
Additional ICMP typo fix
2017-05-29 11:47:07 +02:00
Yusuf Ozturk
73bba26fd1 Typo fix for ICMP DoS Attack
Additional ICMP typo fix
2017-05-29 11:46:03 +02:00
Yusuf Ozturk
227049635a Typo fix for ICMP DoS Attack
It is ICMP (Internet Control Message Protocol) DoS Attack.
2017-05-29 11:40:46 +02:00
Justin Hall
c0498d53d1 fixed path name 2017-05-26 10:52:07 -07:00
Justin Hall
d430423d1a revised reg info 2017-05-25 17:13:14 -07:00