Windows Patching has broken AppLocker Policy Merge


For the past 5 or 6 years, local AppLocker policies have been created with PowerShell scripts. Since Jan 2021 (ish), importing and merging the .xml files with the following command has produced the following error:


Set-AppLockerPolicy -XmlPolicy "C:\Secure10\Applocker\Enforce.xml" -Merge


Set-AppLockerPolicy : The specified rule collection already exists in the policy.
At line:1 char:1
+ Set-AppLockerPolicy -XmlPolicy "C:\Secure10\Applocker\Enforce.xml" -M ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Set-AppLockerPolicy], RuleCollectionAlreadyExistsException
    + FullyQualifiedErrorId : Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.RuleCollectionAlreadyExistsException,Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.SetAppLockerPolicyCmdlet


On a fresh installation of Windows 10, the PS script deploys and the local policies import without issue. Merge can be executed multiple times for all the XML files that PowerShell has generated. Take the same client, commands and policies, but with Windows updated, and merge won't work.
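A check to run on both the fresh and the updated client before attempting the merge (an added example, not the script used in this post): it saves a copy of the current local policy, changes no policy, and lists the rule collection types found in the local policy and in the file being merged. It assumes the "rule collection" named in the exception corresponds to the <RuleCollection Type="..."> elements of the policy XML; the function name and the backup location are illustrative.

```powershell
# Added diagnostic example. Assumption: the exception refers to the
# <RuleCollection Type="..."> elements of the AppLocker policy XML.
param(
    [string]$PolicyPath = 'C:\Secure10\Applocker\Enforce.xml'  # path from the post
)

# Hypothetical helper: one row per rule collection in a policy document.
function Get-RuleCollectionSummary {
    param([xml]$Policy, [string]$Source)
    foreach ($rc in $Policy.AppLockerPolicy.RuleCollection) {
        [pscustomobject]@{
            Source          = $Source
            Type            = $rc.Type
            EnforcementMode = $rc.EnforcementMode
            RuleCount       = @($rc.ChildNodes |
                                Where-Object { $_.NodeType -eq 'Element' }).Count
        }
    }
}

# Keep a copy of the current local policy so the pre-merge state can be
# compared between clients or restored later.
$localXml = Get-AppLockerPolicy -Local -Xml
$backup   = Join-Path $env:TEMP ('AppLockerLocal-{0:yyyyMMdd-HHmmss}.xml' -f (Get-Date))
$localXml | Out-File -FilePath $backup -Encoding utf8
Write-Host "Local policy saved to $backup"

$rows  = @(Get-RuleCollectionSummary -Policy ([xml]$localXml) -Source 'Local')
$rows += @(Get-RuleCollectionSummary -Policy ([xml](Get-Content -Raw -Path $PolicyPath)) -Source 'File')
$rows | Sort-Object Type, Source | Format-Table -AutoSize

# A Type that appears more than once inside a single policy document.
$rows | Group-Object Source, Type | Where-Object Count -gt 1 | ForEach-Object {
    Write-Warning "Rule collection listed $($_.Count) times: $($_.Name)"
}

# Types present on both sides, i.e. the collections a merge has to combine.
$both = $rows | Group-Object Type |
    Where-Object { @($_.Group.Source | Sort-Object -Unique).Count -gt 1 }
if ($both) {
    Write-Host ("Present in local policy and file: " + ($both.Name -join ', '))
}
```

Comparing the table and the saved XML from the fresh client with those from the updated client shows whether the two start from the same local policy before the merge is attempted.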


This issue is one for Microsoft to resolve and once an answer is forthcoming I'll post it.


Anyone else experienced the same problem?

