?
Solved

PowerShell GPO Software Restriction Policy Script to apply to OU like "Workstation" or "Desktop" or "Laptop"

Posted on 2015-01-27
3
Medium Priority
?
96 Views
Last Modified: 2015-06-30
Hi

I have a very interesting query that would maybe eliminate this CryptoLocker virus once and for all.

I need a script that i can run on a few servers (different domains) that automatically creates a GPO called "Software Restriction policies", adds a path rule in the policy to block applications running in "%LocalAppData\*\*.exe" , then applies that to any OU in AD resembling "Workstations", "Desktop" or "Laptop"

When this whole thing is done manually per server, it works like a charm. The issue is we are trying to save man hours...
Thought that since i'm paying a monthly fee for Experts Exchange  and rarely use it :) , i could post it here.
0
Comment
Question by:jrobbertse
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 82

Accepted Solution

by:
David Johnson, CD, MVP earned 2000 total points
ID: 40572594
that is called by using a wmi filter in group policy editor
Any windows Client OS
select * from Win32_OperatingSystem WHERE (ProductType <> "2") AND (ProductType <> "3") 

Open in new window

I use the wmi filters from http://bit.ly/15OE9TU
0
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 40859132
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Previously, on our Nano Server Deployment series, we've created a new nano server image and deployed it on a physical server in part 2. Now we will go through configuration.
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question