The "Run only allowed Windows applications" Group Policy setting displays no entries
Regardless of the operating system, the Group Policy settings are applied correctly.
- The network is a mixed environment of different operating systems including the following:
- Windows Server 2008
- Windows Server 2008 R2
- Windows Server 2012
- Windows Server 2012 R2
- Windows Vista (RSAT)
- Windows 7 (RSAT)
- Windows 8.1
- The network also has at least one computer that is running one of the following operating systems:
- Windows Server 2003
- Windows Server 2003 R2
- Windows XP
- You have previously edited the Group Policy setting on a computer that is running Windows XP or Windows Server 2003.
Method 1: Use AppLocker or Software Restriction policies instead of this legacy policyWindows 7 and Windows Server 2008 R2 introduced AppLocker to:
- Help prevent malicious software (malware) and unsupported applications from affecting computers in your environment.
- Prevent users from installing and using unauthorized applications.
- Implement application control policy to satisfy security policy or compliance requirements in your organization.
Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 all support Software Restriction Policies (SAFER) which also control applications similiarly to AppLocker. Both AppLocker and SAFER replace the legacy policy setting "Run only allowed Windows applications", which was originally designed for Windows 95 system policies.
For more information about AppLocker, please review:
For more information about SAFER, please review:
Method 2: Re-create the setting on Windows 7 or on Windows Server 2008To work around this issue, you will have to re-create the Run only allowed Windows applications Group Policy setting by using the Group Policy Management Editor window on a server that is running Windows Server 2008 or on a Windows 7-based computer. After the setting has been re-created, do not edit Group Policy settings on a server that is running Windows Server 2003 or on a Windows XP-based computer.
Method 3: Edit the setting on Windows Server 2003 or on Windows XPTo work around this issue, only edit the Run only allowed Windows applications Group Policy setting on a server that is running Windows Server 2003 or on a Windows XP-based computer.
Article ID: 976922 - Last Review: 09/01/2016 13:28:00 - Revision: 2.1
- kbgrppolicyprob kbtshoot kbexpertiseinter kbsurveynew kbprb KB976922