Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
NL-PO-WIN-C-AppLocker Laptops
Data collected on: 2-9-2025 12:23:49
General
Details
Domainemea.tpg.ads
OwnerEMEA\langras.5-adm
Created24-10-2024 12:52:54
Modified18-6-2025 10:36:44
User Revisions6 (AD), 6 (SYSVOL)
Computer Revisions139 (AD), 139 (SYSVOL)
Unique ID{c38f8d00-04b0-4022-bfe0-8a950e21c8a7}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
LaptopsNoEnabledemea.tpg.ads/BE/Systems/Clients/Laptops
LaptopsNoEnabledemea.tpg.ads/NL/Systems/Clients/Laptops
LaptopsNoEnabledemea.tpg.ads/SR/Systems/Clients/Laptops

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\NL-L-SEC-Deny All AppLockerCustomNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
System Services
Application Identity (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Remote Management (WS-Management) (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Application Control Policies
Appx Rules
PolicySetting
Enforce rules of this typeTrue

ActionUserNameRule TypeExceptions
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.MicrosoftEdgeDevToolsClient, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.Windows.NarratorQuickStart, from MicrosoftPublisherNo
DenyEMEA\NL-L-SEC-AppLocker Restricted(xbox) Microsoft.Xbox.TCUI, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.Winget.Source, from Microsoft CorporationPublisherNo
AllowEveryoneAll signed packaged appsPublisherYes
DenyEMEA\NL-L-SEC-AppLocker Restricted(Store) Microsoft.WindowsStore, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.DesktopAppInstaller, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.Windows.ParentalControls, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.MicrosoftStickyNotes, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.ZuneVideo, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker Restricted(xbox) Microsoft.GamingApp, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker Restrictedc5e2524a-ea46-4f67-841f-6a9465d9d515, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedNcsiUwpApp, from MicrosoftPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.BingWeather, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.ZuneMusic, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker Restricted(Cortana) Microsoft.549981C3F5F10, from Microsoft CorporationPublisherNo
AllowEMEA\NL-L-SEC-AppLocker Allow Snipping ToolMicrosoft.ScreenSketch, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.WindowsMaps, from Microsoft CorporationPublisherNo
AllowEMEA\NL-L-SEC-AppLocker Allow Microsoft CopilotMicrosoft.Copilot, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.AsyncTextService, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.Windows.Apprep.ChxApp, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.VP9VideoExtensions, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.XboxGamingOverlay, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.MicrosoftSolitaireCollection, from Microsoft StudiosPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.Paint, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.WindowsSoundRecorder, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker Restricted1527c705-839a-4832-9118-54d4Bd6a0c89, from Microsoft CorporationPublisherNo
AllowBUILTIN\AdministratorsAll signed packaged appsPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.Getstarted, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker Restricted(Weather) Microsoft.BingWeather, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.Windows.SecHealthUI, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.BingNews, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.SecHealthUI, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.Windows.ContentDeliveryManager, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker Restricted(xbox) Microsoft.XboxGameOverlay, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.Windows.XGpuEjectDialog, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.Windows.SecureAssessmentBrowser, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.WindowsFeedbackHub, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker Restricted(Terminal) Microsoft.WindowsTerminal, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.YourPhone, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker Restricted(xbox) Microsoft.XboxSpeechToTextOverlay, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.GetHelp, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker Restricted(ClipChamp) Clipchamp.Clipchamp, from Microsoft Corp.PublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoftCorporationII.QuickAssist, from Microsoft Corp.PublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedF46D4000-FD22-4DB4-AC8E-4E1DDDE828FE, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.BingSearch, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.Windows.DevHome, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker Restricted(xbox) Microsoft.XboxGameCallableUI, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedMicrosoft.ECApp, from Microsoft CorporationPublisherNo
DenyEMEA\NL-L-SEC-AppLocker Restricted(xbox) Microsoft.XboxIdentityProvider, from Microsoft CorporationPublisherNo
Dll Rules
No rules of type 'Dll Rules' are defined.
Executable Rules
PolicySetting
Enforce rules of this typeTrue

ActionUserNameRule TypeExceptions
AllowEMEA\NL-L-SEC-AppLocker Allow PowershellPOWERSHELL_ISE.EXE, in MICROSOFT® WINDOWS® OPERATING SYSTEM, from O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=USPublisherNo
AllowEveryoneZOOM, in ZOOM, from O=ZOOM VIDEO COMMUNICATIONS, INC., L=SAN JOSE, S=CALIFORNIA, C=USPublisherNo
AllowEMEA\NL-L-SEC-AppLocker Allow NotepadNOTEPAD.EXE, in MICROSOFT® WINDOWS® OPERATING SYSTEM, from O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=USPublisherNo
AllowEveryoneCLICKSHARE PRESENTSENSE, from O=BARCO N.V., L=KORTRIJK, S=WEST-VLAANDEREN, C=BEPublisherNo
AllowEveryoneSCREENMEET, from O=PROJECTOR.IS, INC., L=SAN FRANCISCO, S=CALIFORNIA, C=USPublisherNo
AllowEveryoneGOTO, from O=LOGMEIN, INC., L=BOSTON, S=MASSACHUSETTS, C=USPublisherNo
AllowEveryoneJABRA DIRECT, from O=GN AUDIO A/S, L=BALLERUP, C=DKPublisherNo
AllowEveryoneUIPATH, from O=UIPATH, INC., L=NEW YORK, S=NEW YORK, C=USPublisherNo
AllowEveryoneSigned by O=ISLAND TECHNOLOGY INC., L=COPPELL, S=TEXAS, C=USPublisherNo
AllowEveryoneTELEKNOWLEDGE CONNECT, from O=TELEKNOWLEDGE CALL CENTER SOLUTIONS B.V., S=NOORD-HOLLAND, C=NLPublisherNo
AllowEveryoneGOOGLE CHROME, from O=GOOGLE LLC, L=MOUNTAIN VIEW, S=CALIFORNIA, C=USPublisherNo
AllowEveryoneCLICKSHARE, from O=BARCO N.V., L=KORTRIJK, S=WEST-VLAANDEREN, C=BEPublisherNo
AllowEveryoneSigned by O=CITRIX SYSTEMS, INC., L=FORT LAUDERDALE, S=FLORIDA, C=USPublisherNo
AllowEveryoneGOOGLE UPDATER, from O=GOOGLE LLC, L=MOUNTAIN VIEW, S=CALIFORNIA, C=USPublisherNo
AllowEveryoneGOTOMEETING, from O=LOGMEIN, INC., L=BOSTON, S=MASSACHUSETTS, C=USPublisherNo
AllowEMEA\NL-L-SEC-AppLocker Allow ITPOWERSHELL.EXE, in MICROSOFT® WINDOWS® OPERATING SYSTEM, from O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=USPublisherNo
AllowEveryoneMICROSOFT EDGE UPDATE, from O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=USPublisherNo
AllowEMEA\NL-L-SEC-AppLocker Allow ITSLACK, from O=SLACK TECHNOLOGIES, LLC, L=SAN FRANCISCO, S=CALIFORNIA, C=USPublisherNo
AllowEveryoneSigned by O=CITRIX SYSTEMS, INC., L=FORT LAUDERDALE, S=FLORIDA, C=USPublisherNo
AllowEMEA\NL-L-SEC-AppLocker Allow WordpadWORDPAD.EXE, in MICROSOFT® WINDOWS® OPERATING SYSTEM, from O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=USPublisherNo
AllowEMEA\NL-L-SEC-AppLocker Allow PowershellPOWERSHELL, from O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=USPublisherNo
AllowEMEA\NL-L-SEC-AppLocker Allow Snipping ToolSNIPPINGTOOL.EXE, in MICROSOFT® WINDOWS® OPERATING SYSTEM, from O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=USPublisherNo
AllowEMEA\NL-L-SEC-AppLocker Allow PowershellPOWERSHELL.EXE, in MICROSOFT® WINDOWS® OPERATING SYSTEM, from O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=USPublisherNo
AllowEMEA\NL-L-SEC-AppLocker Allow ODBCODBCAD32.EXE, in MICROSOFT® WINDOWS® OPERATING SYSTEM, from O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=USPublisherNo
AllowEveryoneAll files located in the Windows folderPathYes
DenyEMEA\NL-L-SEC-AppLocker RestrictedC:\Program Files\WindowsApps\Microsoft.WindowsFeedback*PathNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedC:\Program Files\WindowsApps\Microsoft.MSPaint*PathNo
AllowEveryone%OSDRIVE%\USERS\*\APPDATA\LOCAL\MICROSOFT\ONEDRIVE\*PathNo
AllowEMEA\NL-L-SEC-AppLocker Unrestricted%OSDRIVE%\USERS\*PathNo
DenyEMEA\NL-L-SEC-AppLocker Restrictedc:\Program Files (x86)\Common Files\Java\Java Update\*PathNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedC:\Program Files\Mozilla Firefox\*PathNo
AllowEMEA\NL-L-SEC-AppLocker Allow Snipping Toolc:\Program Files\WindowsApps\Microsoft.ScreenSketch*PathNo
AllowEveryone%OSDRIVE%\USERS\*\APPDATA\LOCAL\MICROSOFT\TEAMS\*PathNo
AllowEveryone%OSDRIVE%\USERS\*\APPDATA\LOCAL\JXBROWSER\*PathNo
DenyEMEA\NL-L-SEC-AppLocker Restrictedc:\Program Files\WindowsApps\Microsoft.WindowsTerminal*PathNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedC:\Windows\System32\osk.exePathNo
AllowEMEA\NL-L-SEC-AppLocker Allow IT%HOT%\*PathNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedC:\Program Files (x86)\Mozilla Firefox\*PathNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps*PathNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedC:\Program Files\WindowsApps\Microsoft.Windows.Photos*PathNo
DenyEMEA\NL-L-SEC-AppLocker Restricted%PROGRAMFILES%\WindowsApps\Microsoft.WindowsStore*PathNo
DenyEMEA\NL-L-SEC-AppLocker RestrictedC:\Windows\WinSxS\amd64_microsoft-windows-wordpad*PathNo
AllowEMEA\NL-L-SEC-AppLocker Allow Anaconda3C:\ProgramData\Anaconda3\*PathNo
AllowEMEA\NL-L-SEC-AppLocker Allow TAP Screenrecording Toolc:\Program Files\Captura-Portable\*PathNo
AllowEveryoneAll files located in the Program Files folderPathYes
DenyEMEA\NL-L-SEC-AppLocker RestrictedC:\Program Files\WindowsApps\Microsoft.Paint*PathNo
AllowEMEA\NL-L-SEC-AppLocker Allow Snipping Tool%SYSTEM32%\SNIPPINGTOOL.EXEPathNo
AllowEMEA\NL-L-SEC-AppLocker Allow IT%OSDRIVE%\*PathNo
AllowBUILTIN\Administrators(Default Rule) All filesPathNo
AllowEveryoneSetUserFTA.exeHashNo
Windows Installer Rules
PolicySetting
Enforce rules of this typeTrue

ActionUserNameRule TypeExceptions
AllowEveryoneMICROSOFT TEAMS MEETING ADD-IN FOR MICROSOFT OFFICE, from O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=USPublisherNo
AllowEveryoneAll Windows Installer files in %systemdrive%\Windows\InstallerPathNo
AllowEveryone%PROGRAMFILES%\WINDOWSAPPS\*PathNo
AllowEMEA\NL-L-SEC-AppLocker Allow IT%OSDRIVE%\*PathNo
AllowBUILTIN\Administrators(Default Rule) All Windows Installer filesPathNo
AllowEMEA\NL-L-SEC-AppLocker Allow Scripts in Userprofile%OSDRIVE%\USERS\*PathNo
AllowEMEA\NL-L-SEC-AppLocker Allow IT%HOT%\*PathNo
AllowEMEA\NL-L-SEC-AppLocker Unrestricted%OSDRIVE%\USERS\*PathNo
Script Rules
PolicySetting
Enforce rules of this typeTrue

ActionUserNameRule TypeExceptions
AllowEMEA\NL-L-SEC-AppLocker Restricted%OSDRIVE%\Users\Public\Fsal\*PathNo
AllowEveryone(Default Rule) All scripts located in the Program Files folderPathNo
AllowEMEA\NL-L-SEC-AppLocker Allow IT%HOT%\*PathNo
AllowEveryone(Default Rule) All scripts located in the Windows folderPathNo
AllowEveryone\\Emea.tpg.ads\sysvol\emea.tpg.ads\Policies\*\User\Scripts\Logon\*PathNo
AllowEMEA\NL-L-SEC-AppLocker Allow IT%OSDRIVE%\*PathNo
AllowEMEA\NL-L-SEC-AppLocker Unrestricted%OSDRIVE%\USERS\*PathNo
AllowBUILTIN\Administrators(Default Rule) All scriptsPathNo
AllowEveryone%OSDRIVE%\PROGRAMDATA\MICROSOFT\GROUPPOLICY\USERS\*PathNo
AllowEMEA\NL-L-SEC-AppLocker Allow Scripts in Userprofile%OSDRIVE%\USERS\*PathNo
Preferences
Windows Settings
Registry
DisableAIDataAnalysis (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Windows\WindowsAI
Value nameDisableAIDataAnalysis
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.