Application control and remote actions

Microsoft allows organizations to deploy application control policies using AppLocker. It helps you control what executables files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers can run on supported Windows operating systems.

Learn more about AppLocker (external link) and its requirements (external link) directly on the Microsoft documentation website.

AppLocker compatibility mode

Starting from the Collector version 6.27.2.186, the Remote Actions scripts can be executed under the current interactive user session, even when AppLocker is running on the machine.

To ensure everything is working as expected, the scripts must be allowed to run by the AppLocker policy. This is not specific to Nexthink and you can learn more about it on the Microsoft documentation website.

To activate the AppLocker compatibility mode add the following registry key.

Key

HKLM\Software\Nexthink\RemoteActions

Value name

applockercompat

Value type

DWORD

Value data

1

The change will take effect straight away, there is no need to restart the Collector or the operating system.

Important guidelines

When Remote Actions runs in AppLocker compatibility mode, make sure to follow these specific guidelines impacting the format of the input parameter names:

  • The first character must be a letter or an underscore.

  • The subsequent characters must be alpha-numeric, a hyphen or an underscore.

  • The parameter name must not exceed 255 characters.

Last updated

#451: 2024.8-Overview of integration DOC

Change request updated