AppLocker Update 1
So I tried “Authenticated users” and I had the same issue as Domain Users. And really it would not have solved my problem anyway even if it did work.
To test this I made a test machine and created a local AppLocker rule.
TEST 1
I am using Word this time, the rule is set for a group called “Office Users” (Did not want to use Domain Users again because I think people were getting confused by its use)
Again when trying to open a File with ADS I get an error, slightly different with word. But the AppLocker event error is the same.
If I remove the ADS or set the ZoneID to 0 it opens fine and if I set the rule to “everyone” it works fine.
TEST 2
Repeated the test with Excel and I have the same issues as in the original post.
Looking at the AppLocker events, I see that when running the file with ADS it generates 2 events. The first one is successful and the second one fails. I believe that the second one is when the application is trying to switch to protected view, and this is what is causing the application to fail.
So at this point I would say this is a repeatable Bug; and I think it has to do with the switch to protected view.
At this point I cannot use AppLocker to limit the use of Office 2010 to a Group.
Write a comment
You need to login to post comments!