Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
#Requires -Module Applocker
#Requires -PSEdition Desktop
#Requires -RunAsAdministrator
Function Clear-ApplockerLocalPolicy {
[CmdletBinding()]
Param()
Begin {}
Process {
Try {
$null = Get-AppLockerPolicy -Local -ErrorAction SilentlyContinue
[Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.AppLockerPolicy]::FromXml(
@'
<AppLockerPolicy Version="1">
<RuleCollection Type="Exe" EnforcementMode="NotConfigured" />
<RuleCollection Type="Msi" EnforcementMode="NotConfigured" />
<RuleCollection Type="Script" EnforcementMode="NotConfigured" />
<RuleCollection Type="Dll" EnforcementMode="NotConfigured" />
<RuleCollection Type="Appx" EnforcementMode="NotConfigured" />
</AppLockerPolicy>
'@
) |
Set-AppLockerPolicy -ErrorAction Stop
Write-Verbose -Message 'Successfully cleared local Applocker policy'
} catch {
Write-Error $_
}
}
End {}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment