Applocker block cmd.exe but allow only logon script

by jortiexx   Last Updated November 08, 2018 23:00 PM

I`m running Server 2019 and looking for a way to block cmd.exe with the ability to still execute logon scripts defined by GPO.

I`m using this Applocker bypass list which also includes cmd.exe

How can I work around this? I dont want RDS users to be able to open cmd.exe or execute batch scripts

Related Questions

Windows 10 AppLocker AppID issue

Updated June 08, 2017 22:00 PM

Can I block a file execution with AppLocker?

Updated July 03, 2015 15:00 PM

Looking for assistance with basic AppLocker setup

Updated June 07, 2016 08:00 AM

how to disable run via search on Windows 10?

Updated February 28, 2017 16:00 PM