Sophie is planning on using AppLocker to control access to a

Sophie is planning on using AppLocker to control access to applications on a new network she has constructed for the Research and Development department at a major aerospace Firm. The software developers in the department have recently deployed a new application called Virtual Wind Tunnel, which is based on government project research and is therefore classified. All of the full-time personnel have sufficient clearance to use the application, hut the interns in the department do not. Sophie has placed the user accounts for everyone in the department into a security group called ResDev. The interns are also members of a group called RDint. How can Sophie use AppLocker to provide everyone in the department with access to the Virtual Wind Tunnel application without changing the group memberships and without having to apply policies to individual users?

Solution

Rule 01 - Using AppLocker Sophie can assign permission to all members of ResDev group. These permission will grant access to all programms including Virtual Wind Tunnel to all members of ResDev.

Rule 02 - To prohibit the intern from using the Virtual Wind Tunnel she needs to assign an exception for group RDint. This exception will allow interns\' access to all programms except Virtual Wind Tunnel.

If you using Group Policy Management Consol then in Console Tree -> Application Cotrol Policies -> AppLocker -> right click rule collection for which rule creation will be done -> Create New Rule.

Ref : Create AppLocker Rule (technet.microsoft.com)