powershellscripts.com

Tutorials  PowerShell Cmdlet Help for Set-AppLockerPolicy



NAME
Set-AppLockerPolicy

SYNOPSIS
Sets the AppLocker policy for the specified Group Policy object (GPO).

SYNTAX
Set-AppLockerPolicy [-XMLPolicy] [-LDAP ] [-Merge ] [-Confirm] [-WhatIf] [ rs>]

Set-AppLockerPolicy [-PolicyObject] [-LDAP ] [-Merge ] [-Confirm] [-WhatIf] [ mmonParameters>]


DESCRIPTION
The Set-AppLockerPolicy cmdlet sets the specified GPO to contain the specified AppLocker policy. If no Lightweight
Directory Access Protocol (LDAP) path is specified, the local GPO is the default setting. If the Merge parameter is
not specified, the existing AppLocker policy in the target GPO will be overwritten by the new policy.


PARAMETERS
-XMLPolicy
Specifies the path where the AppLocker policy XML file is saved.

Required? true
Position? 0
Default value
Accept pipeline input? false
Accept wildcard characters? false

-PolicyObject
Specifies the AppLockerPolicy object that contains the AppLocker policy. It can be obtained from Get-AppLockerP
olicy and New-AppLockerPolicy.

Required? true
Position? 0
Default value
Accept pipeline input? true (ByValue)
Accept wildcard characters? false

-LDAP
Specifies the LDAP path of the GPO. It must specify a unique GPO. If this parameter is not specified, the local
AppLocker policy is set.

Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false

-Merge
When the Merge parameter is used, rules in the specified AppLocker policy will be merged with the AppLocker rul
es in the target GPO specified in the LDAP path. The merging of policies will remove rules with duplicate rule
IDs, and the enforcement setting specified by the AppLocker policy in the target GPO will be preserved. If the
Merge parameter is not specified, then the new policy will overwrite the existing policy.

Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false

-Confirm []
Prompts you for confirmation before executing the command.

Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false

-WhatIf []
Describes what would happen if you executed the command without actually executing the command.

Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false


This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer and OutVariable. For more information, type,
"get-help about_commonparameters".

INPUTS
Set-AppLockerPolicy can take the AppLocker policy as an AppLockerPolicy object or as an XML file containing AppLock
er policy.


OUTPUTS



NOTES





-------------------------- EXAMPLE 1 --------------------------

C:\PS>Set-AppLockerPolicy -XMLPolicy C:\Policy.xml


Sets the local AppLocker policy to the policy specified in C:\Policy.xml.





-------------------------- EXAMPLE 2 --------------------------

C:\PS>Set-AppLockerPolicy -XMLPolicy C:\Policy.xml -LDAP "LDAP://DC13.Contoso.com/CN={31B2F340-016D-11D2-945F-00C04
FB984F9},CN=Policies,CN=System,DC=Contoso,DC=com"


Sets the GPO specified in the LDAP path to contain the AppLocker policy that is specified in C:\Policy.xml.





-------------------------- EXAMPLE 3 --------------------------

C:\PS>Get-AppLockerPolicy -Local | Set-AppLockerPolicy -LDAP "LDAP://DC13.Contoso.com/CN={31B2F340-016D-11D2-945F-0
0C04FB984F9},CN=Policies,CN=System,DC=Contoso,DC=com" -Merge


Gets the local AppLocker policy, and then merges the policy with the existing AppLocker policy in the GPO specified
in the LDAP path. See the Merge parameter description for more details on how two policies are merged.






RELATED LINKS
Online version: http://go.microsoft.com/fwlink/?LinkID=144110
Get-AppLockerPolicy
New-AppLockerPolicy
Test-AppLockerPolicy
Get-AppLockerFileInformation