Restricting Access to Programs with AppLocker in Windows7
Updated On - 24 Jan 2019
AppLocker- a new feature of Windows7 is the best solution for people, who share their computer with other users and do not want them to access any application from your computer. This feature allows such users to restrict access from Network Group Policies. However, this feature was also available in previous version of Windows as Software Restriction Policies but is now comparatively better than those.
This article will explain the process of restricting access to desired application using AppLocker. Now let us see how AppLocker is used to restrict applications on a shared system:
Restricting access to programs using AppLocker:
Getting started with AppLocker
Perform the below mentioned steps to restrict access to application using AppLocker:
Login as Administrator. Click on Start and type gpedit.msc in Search box and hit Enter.
Under Local Computer Policy go to Computer Configuration \ Windows Settings \ Security Settings \ Application Control Policies \ AppLocker.
Now you will see the overall controls for the applications. Under Configure Rule Enforcement click on the Configure rule enforcement link.
Now under AppLocker Properties check the boxes next to Configured under Executable rules then click OK.
Blocking Applications from running
To block application from running, follow these steps:
After executing above mentioned steps, under the Overview section click on Executable Rules.
Since this is your first time accessing AppLocker, there will be no rules listed. Right-click and select Create New Rule.
This opens up the Create Executable Rules wizard and you can select not to show the introduction screen at start up for the next time you access it.
Select Permissions under Action and select Deny.
Add the user you want to block.
After you’ve selected the deny action and selected the user continue to the next step.
Select Path from the available options.
Click on Browse Folders and select the application you want to block from running.
In the next screen you could add Exceptions like allowing certain files. If you want to block the entire directory for some application, skip to the next screen.
In this screen, you can add a description to the rule so you can keep track if there are several rules configured. Click Create.
A message pops up saying default rules haven’t been created yet. It is important to make sure they are created so click Yes to this message.
Now you will see the default rules and the new one you created showing the selected is denied access to the selected directory.
After creating the rule go into services and make sure that Application Identification is started and is set to automatically start. By default this service is not started so you will need to enable it.
Now, when the restricted user logs into his account and tries to access the restricted applications,Â he gets the following message:
This program is blocked by Group Policy. For more information, contact you System Administrator.
This way a user can restrict other users from accessing selected applications. Now relax and sit at ease, as only authorized users will be able to access applications on your user account.
Windows data recovery is important and crucial for any user who needs to get back data from the corrupt, damaged, formatted, inaccessible partitions. The Windows partitions generally become inaccessible due to bad sectors, MBR corruptions, drive failures, virus intrusions, registry corruptions, lost and deleted partitions, and Boot sector corruptions and makes the files and folders inaccessible to users. Kernel for Windows helps to recover files and folders from Windows partition which become inaccessible due to the mentioned reasons. It supports Windows7, Vista, XP, 2003, 2002, and 98 versions to restore data.