Goal: to set up an AppLocker whitelist through GPO The Setup the GPO is linked to the domain affecting all authenticated users (just for testing of course) Default Rules have been generated. Executable Rule Enforcement is set to Audit Only. I have three users, a local Administrator, a Domain Administrator, and a standard user. Windows 7 on the client machine and a fully updated Server 2008 R2 DC The Application Identity service has been started on the machine and is logging AppLocker related events. Issue My Domain Administrator and My Local administrator are tripping the AppLocker policy when they clearly have the all files permission generated by the default rules (I have an .exe on the C:\ that is beyond the other two rules of the default rule set to have it attempt blocking executables). I can change the BUILTIN\Administrator scope to a single user and it works as intended. However, as soon as I change it to that group again (or any group for that matter) it doesn't apply the way it should and my administrator trips the policy again. I've attempted to see if it was the Group ID not translating properly in the policy, but it does. As well, any rules with a group in them do not work aside from the Everyone Group. Question: Is there some service, configuration, anything that I am missing to resolve this issue?

Any help with this situation?

I've found that AppLocker actually works with the default allow rule for Administrators if you disable UAC - however this is an unacceptable solution if you ask me.....using Run as Administrator of course also works...so maybe that is a usable workaround for IT Support people.... /Ragnar

read this post maybe help you http://mabdelhamid.wordpress.com/2011/10/23/how-to-configure-applocker-group-policy-to-prevent-software-from-running/Mohamed Abd Elhamid Abd Elaziz Microsoft System Administrator Abdul Samad Al Qurashi Co. My blog: http://Mabdelhamid.wordpress.com/

I came across this problem aswell. Totally agree. Removing UAC is not an option. For now I've added all our techs (4) What did you end up doing?