asdf
asdf 08.01.2019 18:18 (GMT+2) Goodbye Applocker and welcome back SRP

Reviving this 3 year old discussion. AppLocker is supported on Windows 10 since September 2017.

https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview

Vadims Podāns
Vadims Podāns 20.12.2018 21:06 (GMT+2) Certificate Autoenrollment in Windows Server 2016 (part 3)

Apart from actual autoenrollment, the feature is used to update certificate stores by downloading published certificates from AD to clients. Autoenrollment executed in user context will be able to update current user stores, but won't be able to update local machine stores if there is no autoenrollment policy in Computer Configuration. So I always recommend to enable autoenrollment for both configurations.

Miguel
Miguel 20.12.2018 21:00 (GMT+2) Certificate Autoenrollment in Windows Server 2016 (part 3)

Ok, thanks, but if I only wnat to do user autoenrolment, why do I need to enable the GPO in Computer Configuration too? Thanks in advance,

Vadims Podāns
Vadims Podāns 20.12.2018 20:48 (GMT+2) Certificate Autoenrollment in Windows Server 2016 (part 3)

If autoenrollment is not enabled in User Configuration, then no user certificate autoenrollment will be available. Even if you do not plan to use autoenrollment for user accounts right now, this might change in future. You don't have to bother with GPO and focus on certificate templates. Enabling autoenrollment in User Configuration isn't harmful in any way as long as there are no user templates with Autoenroll permissions for users. Let's say it is just a convenience.

Vadims Podāns
Vadims Podāns 20.12.2018 20:41 (GMT+2) Certificate Autoenrollment in Windows Server 2016 (part 2)

Адресуйте, пожалуйста, ваш вопрос на профильных форумах. Данная страница предназначена для обсуждения статьи по автоэнроллменту.