I'm curious if there's a way to bypass Windows AppLocker restrictions in a domain environment, especially when the rules are enforced through Intune deployment. I'm looking for any potential workarounds that might be available with my local admin account.
6 Answers
Technically, admins can't really bypass rules unless exclusions are made. The application identity service is what's responsible for blocking apps, and if you were to stop that service, everything would be fair game again.
For a quick fix, consider moving your executable files into the Program Files or Windows directories. That might help you avoid some restrictions.
If you're dealing with AppLocker, one strategy is to apply the rules to users instead of computers. This provides more flexibility.
It really depends on how the AppLocker rules are set up. Many default configurations allow local admins to bypass them.
It's important to remember that local admin access shouldn't be granted to just anyone, as it gives full control over the system. That's the main reason for strict AppLocker implementations.
If Intune is in charge of local group policy, you could likely disable those settings, but they'll just come right back after a refresh.
Just to clarify, it's 'per se', not 'per say' when you're discussing these terms!