I created a test environment to learn active directory administration.
I am using Windows Server 2016 as a Domain Controller and Windows 8.1 Pro as a domain computer.
I created domain user User1.
Created a OU called TestOU and put domain user User1 in that OU.
I edited default domain policy and added new Applocker rule that deny putty to install on domain PC (Using File Hash).
Here are the rules:
https://image.ibb.co/cbSf8H/applocker.png
I login as a domain user on domain computer. Start the Application Identity Service and issue command gpupdate /force.
But i am still able to run putty installer on domain computer.
What I am missing?
Can't we use applocker group policies on Windows 8.1/10 Pro applied by Windows Server 2016 or I need Windows 8.1/10 Enterprise edition for a domain computer or I am doing something wrong?