Hi to all,
I was directed to post this query here after submitting it on the MS Community forum.
I have searched for related answers but I think I'm using the wrong search words as no specific replies were found.
I have a Windows 7 Ultimate (x86) in a virtual machine in VirtualBox and am using this vm to teach students about basic security on a Windows operating system. The problem is that when I add a new Deny rule to stop a specific hypothetical user from using Windows Media Player (wmplayer.exe from Publisher with no exceptions), the rule is also including the Administrators but not in preventing them from running wmplayer.exe but from installing a program or running an executable file such as VirtualBox's Guest Addons image. The users are created locally and not on any domains.
I happened to notice this when I logged on the VM using an administrator account and wanted to install the VirtualBox Guest addons. The error - "This program is blocked by group policy..." popped up. I found that I can still run/install and exe if I use the Run as Administrator option from context menu. But this is tedious :-(
I have also tried adding an allow Path rule with the "*" path to allow administrators free reign but this still does not work.
Can I somehow prevent the rule/s in Applocker from also blocking the Administrators group? I tried adding the default rules to Windows Installer and Script rules but this also blocks the administrators with the same error.
Any help would be greatly appreciated. Thanks.