Azure AD and software restriction policies



  • Does anybody know how to push software restriction policies AKA application whitelisting in Windows 10 via Azure AD? We used that policies (and windows defender, also) to mitigate ransomware &co., and this approach has been very effective till now. No capital investment, very light on the machineā€¦ but, what about an AAD only scenario (no AD connector)?



  • I'm currently unaware of any GPO type fuctions inside Azure AD. To get this you have to use InTune or a third party solution.



  • To do Group Policy with Azure AD you either need to add InTune to AAD or else you need a third party solution. I think you can do this with PowerShell scripts, but I've never tried to replicate GP in that way on Windows. It's how we would do it on Linux, though. Something like Ansible should work, too.


Log in to reply