Site icon TOSS

Get-AppLockerPolicy

powershell

Get-AppLockerPolicy is accessible with the help of AppLocker module. To configure AppLocker, go through this link.

Synopsis

Gets the local, the effective, or a domain AppLocker policy.

Description

The Get-AppLockerPolicy cmdlet retrieves the AppLocker policy from the local Group Policy Object (GPO), a specified Group Policy Object (GPO), or the effective policy on the computer.

By default, the output is an AppLockerPolicy object. If the Xml parameter is used, then the output will be the AppLocker policy as an XML-formatted string

Parameters

-Domain
Gets the AppLocker policy from the GPO specified by the path given in the Ldap parameter.

    Required?                    true
    Position?                    named
    Default value                none
    Accept pipeline input?       false
    Accept wildcard characters?  false

-Effective <SwitchParameter>
    Gets the effective AppLocker policy on the local computer. The effective policy is the merge of the local AppLocker policy and any applied AppLocker domain policies on the local computer.

    Required?                    true
    Position?                    named
    Default value                none
    Accept pipeline input?       false
    Accept wildcard characters?  false

-InformationAction <System.Management.Automation.ActionPreference>
    Specifies how this cmdlet responds to an information event. The acceptable values for this parameter are:

    -- SilentlyContinue
    -- Stop
    -- Continue
    -- Inquire
    -- Ignore
    -- Suspend

    Required?                    false
    Position?                    named
    Default value                none
    Accept pipeline input?       false
    Accept wildcard characters?  false

-InformationVariable <System.String>
    Specifies a variable in which to store an information event message.

    Required?                    false
    Position?                    named
    Default value                none
    Accept pipeline input?       false
    Accept wildcard characters?  false

-Ldap <String>
    Specifies the LDAP path of the GPO and must specify a unique GPO.

    Required?                    true
    Position?                    named
    Default value                none
    Accept pipeline input?       false
    Accept wildcard characters?  false

-Local <SwitchParameter>
    Gets the AppLocker policy from the local GPO.

    Required?                    true
    Position?                    named
    Default value                none
    Accept pipeline input?       false
    Accept wildcard characters?  false

-Xml <SwitchParameter>
    Specifies that the AppLocker policy be output as an XML-formatted string.

    Required?                    false
    Position?                    named
    Default value                none
    Accept pipeline input?       false
    Accept wildcard characters?  false

Syntax

Get-AppLockerPolicy [-Local] [-Xml] [<CommonParameters>]

Get-AppLockerPolicy [-Domain] -Ldap <String> [-Xml] [<CommonParameters>]

Get-AppLockerPolicy [-Effective] [-Xml] [<CommonParameters>]

—————EXAMPLE 1—————
PS C:>Get-AppLockerPolicy -Local
This example gets the local AppLocker policy as an AppLockerPolicy object.

—————EXAMPLE 2—————
PS C:>Get- AppLockerPolicy -Effective -Xml | Set-Content (‘c:\toss\curr.xml’)
This example gets the effective policy on the computer, and then sends it in XML-format to the specified file on an existing path.

—————EXAMPLE 3—————
PS C:>Get-AppLockerPolicy -Local | Test-AppLockerPolicy -Path C:\Windows\System32*.exe -User Everyone
This example gets the local AppLocker policy on the computer, and then tests the policy using the Test-AppLockerPolicy cmdlet to test whether the .exe files in C:\Windows\System32 will be allowed to run by the Everyone group.

You can check the Version, CommandType and Source of this cmdlet by giving below command.

Get-Command Get-AppLockerPolicy

You can also read about

To know more PowerShell cmdlets(Commands) on AppLocker click here

Click on this Link for an Single place where you get all the PowerShell cmdlet sorted based on the modules.

You can also refer other blogs on PowerShell at link

You can also refer other blogs on Microsoft at link

And also if you required any technology you want to learn, let us know below we will publish them in our site http://tossolution.com/

Like our page in Facebook and follow us for New technical information.

References are taken from Microsoft

Exit mobile version