A. With virtualized applications, the actual program runs from the Q: drive by default and not the normal location of C:\Program Files. The default AppLocker exception allows execution of any program under %PROGRAMFILES%, so this won't not apply to Q:. You therefore need to add a new rule to allow execution from the Q: drive.
- Start the Group Policy Management Editor and edit a group policy object that will host the AppLocker new exception.
- Navigate to Computer Configuration, Policies, Windows Settings, Security Settings, Application Control Policies, AppLocker, Executable Rules.
- Run the Create New Rule action and click Next.
- Specify the users to whom the rule will apply. By default, this is Everyone.
- For Conditions, select Path and click Next.
- For the Path, select q:\* and click Next.
- Leave the Exceptions page blank and click Next.
- Give the rule a name, such as App-V Applications (q:\*), and click Create.
- Make sure the group policy object is linked to the computers that run the App-V applications.
0 comments
Hide comments