I've followed the usual guides for adding a Windows Executable (code.exe in this case, along with the correct publisher string, etc), but VSCode just won't become an exempt app, and therefore cannot open encrypted files in our protected directories. Any help would be appreciated!
@AndrewGeorge-6846, Try to create an WIP-exempt AppLocker policy file to configure Visual Studio code as a WIP-exempt app, Here is an article for the reference:
https://docs.microsoft.com/en-us/visualstudio/ide/exempt-visual-studio-from-wip?view=vs-2019
Hope it can help.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
@AndrewGeorge-6846,, Hope things are going well. If there's anything else we can help, feel free to let us know.
How have you extracted the details of the publisher? I normally do it using secpol.msc. Maybe this can get you going..how-to-whitelist-apps-using-applocker.html
I've tried the AppLocker export - SecPol.msc, and also the powershell command to get the EXEs details directly. I've tried both code.exe and 'electron.exe' which was the Original Filename of the app. I've also tried different casing for different properties - but I just can't find the correct combination. (I've also tried Product Name as Visual Studio Code too, with no luck)
These are my existing Exempt App settings:
Name : Visual Studio Code
Product Name :
Type : Desktop apps
Publisher : O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File : Code.exe
Min Version :
Max Version : *
Action : Allow
Product Name should not be left blank. Probably should be 'Visual Studio Code', but match it against the secpol.msc xml output. Also, what version of Visual Studio are you running?
By the way, you can create a Visual Studio app locker xml and exempt that instead.
5 people are following this question.
