The strange case of … Applocker blocking

Applocker blockOn our “standard” workstations we have enabled Microsoft Applocker, which blocks unauthorised software from being installed.

We also have “Unrestricted” workstations, where there is no Microsoft Applocker, and customers can install anything they want.

All our workstations start out as “standard” workstations, and get moved to “Unrestricted” when a customer explicitly requests it.

We do occasionally encounter the issue where Applocker Rules are Still Enforced After The Service is Stopped.

Our fixes are as follows.

Option 1

  1. Apply the Solution from Applocker Rules are Still Enforced After The Service is Stopped

Option 2

  1. Stop the Application Identify service
  2. Delete the SrpV2 registry key and entries under HKEY_LOCAL_Machine\Software\Policies\Microsoft\Windows
  3. Start the Application Identify service
  4. Have the customer reboot the workstation.

Option 3

  1. Stop the Application Identify service
  2. Delete the SrpV2 registry key and entries under HKEY_LOCAL_Machine\Software\Policies\Microsoft\Windows
  3. Start the Application Identify service
  4. On the workstation, perform a gpupdate /force
  5. Have the customer reboot the workstation.

Normally one of those options will work for us.