Microsoft Technical Takeoff: Windows and Microsoft Intune
Oct 24 2022 07:00 AM - Oct 27 2022 12:00 PM (PDT)

Application Control - LOB Application Exclusions

Occasional Contributor

Hi,

 

Consider I've tested Application Control in either audit or enforce mode (setting from Endpoint Manager/Endpoint Protection/AC). Everything seems to work fine except a few LOB-applications.

 

Questions:

How do I exclude these LOB-applications from Application Control?

I think I've read about that you need to combine Application Control with Applocker for exclusions is that true? If that's the case where can I find documentation on how to setup exclusions?

If that's true - does the exclusions need to be managed by GPO or can it be managed via MDM only? (AAD Join only)

 

Simon Håkansson_0-1596787272574.png

1 Reply

In MEMCM you have this capability, but what if I'm having an environment where a CM is not present? Would be fantastic to be able to add custom LOB-apps as exclusions this way but in Intune but maybe that's considered a security or non-issue?

Simon Håkansson_0-1596790043376.png