A module for retrieving application information for application control and allow listing purposes with tools such as Ivanti Application Manager and Microsoft AppLocker.
This repository contains a folder named ApplicationControl. The folder needs to be installed into one of your PowerShell Module Paths. To see the full list of available PowerShell Module paths, use $env:PSModulePath.split(';')
in a PowerShell console.
Common PowerShell module paths include:
- Current User:
%USERPROFILE%\Documents\WindowsPowerShell\Modules\
- All Users:
%ProgramFiles%\WindowsPowerShell\Modules\
- OneDrive:
$env:OneDrive\Documents\WindowsPowerShell\Modules\
- Download the
master branch
to your workstation. - Copy the contents of the ApplicationControl folder onto your workstation into the desired PowerShell Module path.
- Open a Powershell console with the Run as Administrator option.
- Run
Set-ExecutionPolicy
using the parameterRemoteSigned
orBypass
.
Once installation is complete, you can validate that the module exists by running Get-Module -ListAvailable ApplicationControl
. To use the module when it is located in one of the locations above, load it with:
Import-Module ApplicationControl
The module can be loaded from a specific path if it is not in one of the default locations:
Import-Module C:\Temp\ApplicationControl
Here is an example using the module to create an Ivanti Application Control configuration for Microsoft Teams. This application uses the Electron framework and Squirell for in process updates, making allow listing a challenge because the application installs and updates in the user profile and in the user context. This example trawls the application folders and find unique metadata to turn into an Ivanti Application Control configuration using RegEx paths to simplify the configuration as much as possible.
Import-Module ApplicationControl -Force
$Path = "C:\Users\aaron\AppData\Local\Microsoft\Teams", "C:\Users\aaron\AppData\Local\Microsoft\TeamsMeetingAddin"
$Files = @()
foreach ($Folder in $Path) {
$AppFiles = Get-AcFileMetadata -Verbose -Path $Folder
$UniqueFiles = Select-AcUniqueMetadata -FileList $AppFiles -Verbose
$RegExFiles = ConvertTo-RegExPath -Files $UniqueFiles -Path $Folder -Verbose
$Files += $RegExFiles
Remove-Variable AppFiles, NoMetadata, Metadata, UniqueFiles, RegExFiles
}
New-AcAampConfiguration -AccessibleFiles $Files -Path C:\Temp\MicrosoftTeams.aamp -Verbose