• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 113
  • Last Modified:

PowerShell GPO Software Restriction Policy Script to apply to OU like "Workstation" or "Desktop" or "Laptop"

Hi

I have a very interesting query that would maybe eliminate this CryptoLocker virus once and for all.

I need a script that i can run on a few servers (different domains) that automatically creates a GPO called "Software Restriction policies", adds a path rule in the policy to block applications running in "%LocalAppData\*\*.exe" , then applies that to any OU in AD resembling "Workstations", "Desktop" or "Laptop"

When this whole thing is done manually per server, it works like a charm. The issue is we are trying to save man hours...
Thought that since i'm paying a monthly fee for Experts Exchange  and rarely use it :) , i could post it here.
0
jrobbertse
Asked:
jrobbertse
1 Solution
 
David Johnson, CD, MVPOwnerCommented:
that is called by using a wmi filter in group policy editor
Any windows Client OS
select * from Win32_OperatingSystem WHERE (ProductType <> "2") AND (ProductType <> "3") 

Open in new window

I use the wmi filters from http://bit.ly/15OE9TU
0
 
Seth SimmonsSr. Systems AdministratorCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now