DEVHIDE
Login Or Sign up

How to delete AppLocker rules with powrshell?

1.2k Views Asked by At

I need to remove AppLocker rules filtered by name. First of all i want to understand how i can delete rules.

I can get current AppLocker rules and i can see, that RuleCollections has method "Delete"

$local:Policy = Get-AppLockerPolicy -Local
$Policy.RuleCollections | gm

I can delete rules from categories where only one rule

$Policy.RuleCollections | Where {$_.Count -eq 1} | foreach {$_.Delete($_.Id)}

How can i delete rules from categories where more than one rule?

powershell applocker
Original Q&A
2

There are 2 best solutions below

1
On

As per my comment.

# Remove all applocker policies for the specified rule type.
Get-AppLockerPolicy -Effective | 
Remove-AppLockerPolicy -RuleType Executable
0
On 
$LocalAppLockerPolicy = Get-AppLockerPolicy -Local
$RuleCollection = $LocalAppLockerPolicy.GetRuleCollection('exe')
$AppLockerRule = $RuleCollection | ? {$_.PathConditions.Path.Path -eq $PathName}
$RuleCollection.Delete($AppLockerRule.Id)
Set-AppLockerPolicy -PolicyObject $LocalAppLockerPolicy

Related Questions in POWERSHELL

Related Questions in APPLOCKER

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.