Application control and remote actions
Last updated
Last updated
Microsoft allows organizations to deploy application control policies using AppLocker. It helps you control what executables files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers can run on supported Windows operating systems.
Learn more about AppLocker (external link) and its requirements (external link) directly on the Microsoft documentation website.
Starting from the Collector version 6.27.2.186, the Remote Actions scripts can be executed under the current interactive user session, even when AppLocker is running on the machine.
To ensure everything is working as expected, the scripts must be allowed to run by the AppLocker policy. This is not specific to Nexthink and you can learn more about it on the Microsoft documentation website.
To activate the AppLocker compatibility mode add the following registry key.
The change will take effect straight away, there is no need to restart the Collector or the operating system.
When Remote Actions runs in AppLocker compatibility mode, make sure to follow these specific guidelines impacting the format of the input parameter names:
The first character must be a letter or an underscore.
The subsequent characters must be alpha-numeric, a hyphen or an underscore.
The parameter name must not exceed 255 characters.
Key
HKLM\Software\Nexthink\RemoteActions
Value name
applockercompat
Value type
DWORD
Value data
1