AppLocker block cmd.exe but allow only logon script

I'm running Server 2019 and looking for a way to block cmd.exe with the ability to still execute logon scripts defined by GPO.

I'm using this AppLocker bypass list, which also includes cmd.exe.

How can I work around this? I don't want RDS users to be able to open cmd.exe or execute batch scripts.
