< Back
Add-AppLockerPolicyPathRule
Post
NAME Add-AppLockerPolicyPathRule
SYNOPSIS
Adds an AppLocker policy file hash rule to an AppLocker policy document.
SYNTAX
Add-AppLockerPolicyPathRule [-AppLockerPolicyDocument] <XmlDocument> [-Path] <String> [-Name] <String> [[-Id]
<String>] [[-Description] <String>] [[-UserOrGroupSid] <String>] [[-Action] <String>] [[-Collection] <String>]
[-PassThru] [<CommonParameters>]
DESCRIPTION
Adds a path rule to an existing AppLocker policy document [XmlDocument]. If not specified, path authorizations
are only applied to the 'Exe' rule collection and by default allowed for all users ('S-1-1-0).
PARAMETERS
-AppLockerPolicyDocument <XmlDocument>
Required? true
Position? 1
Default value
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
-Path <String>
Required? true
Position? 2
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Name <String>
Required? true
Position? 3
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Id <String>
Required? false
Position? 4
Default value ([System.Guid]::NewGuid().ToString())
Accept pipeline input? false
Accept wildcard characters? false
-Description <String>
Required? false
Position? 5
Default value
Accept pipeline input? false
Accept wildcard characters? false
-UserOrGroupSid <String>
Required? false
Position? 6
Default value S-1-1-0
Accept pipeline input? false
Accept wildcard characters? false
-Action <String>
Required? false
Position? 7
Default value Allow
Accept pipeline input? false
Accept wildcard characters? false
-Collection <String>
Required? false
Position? 8
Default value Exe
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-PassThru [<SwitchParameter>]
Returns the created XmlElement object to the pipeline. By default, this cmdlet does not generate any output.
Required? false
Position? named
Default value False
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>Add-AppLockerPolicyPathRule -AppLockerPolicyDocument $appLockerPolicy -Name 'BadApp 1.0.0: BAD.exe' -Path
'%PROGRAMFILES%\\BADAPP\\BAD.exe'
Adds the path rule to the 'Exe' rule collection to the AppLocker policy [XmlDocument] in the '$appLockerPolicy'
variable.
RELATED LINKS
SYNOPSIS
Adds an AppLocker policy file hash rule to an AppLocker policy document.
SYNTAX
Add-AppLockerPolicyPathRule [-AppLockerPolicyDocument] <XmlDocument> [-Path] <String> [-Name] <String> [[-Id]
<String>] [[-Description] <String>] [[-UserOrGroupSid] <String>] [[-Action] <String>] [[-Collection] <String>]
[-PassThru] [<CommonParameters>]
DESCRIPTION
Adds a path rule to an existing AppLocker policy document [XmlDocument]. If not specified, path authorizations
are only applied to the 'Exe' rule collection and by default allowed for all users ('S-1-1-0).
PARAMETERS
-AppLockerPolicyDocument <XmlDocument>
Required? true
Position? 1
Default value
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
-Path <String>
Required? true
Position? 2
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Name <String>
Required? true
Position? 3
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Id <String>
Required? false
Position? 4
Default value ([System.Guid]::NewGuid().ToString())
Accept pipeline input? false
Accept wildcard characters? false
-Description <String>
Required? false
Position? 5
Default value
Accept pipeline input? false
Accept wildcard characters? false
-UserOrGroupSid <String>
Required? false
Position? 6
Default value S-1-1-0
Accept pipeline input? false
Accept wildcard characters? false
-Action <String>
Required? false
Position? 7
Default value Allow
Accept pipeline input? false
Accept wildcard characters? false
-Collection <String>
Required? false
Position? 8
Default value Exe
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-PassThru [<SwitchParameter>]
Returns the created XmlElement object to the pipeline. By default, this cmdlet does not generate any output.
Required? false
Position? named
Default value False
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>Add-AppLockerPolicyPathRule -AppLockerPolicyDocument $appLockerPolicy -Name 'BadApp 1.0.0: BAD.exe' -Path
'%PROGRAMFILES%\\BADAPP\\BAD.exe'
Adds the path rule to the 'Exe' rule collection to the AppLocker policy [XmlDocument] in the '$appLockerPolicy'
variable.
RELATED LINKS