AppLocker Cmdlets in Windows PowerShell

Windows PowerShell® is a task-based command-line shell and scripting language designed especially for system administration. This reference topic for the information technology (IT) professional provides assistance in utilizing the Windows PowerShell cmdlets to script and automate tasks.


The Windows PowerShell cmdlets for AppLocker are designed to streamline the administration of application control policies. The cmdlets can be used to help author, test, maintain, and troubleshoot application control policies and can be used in conjunction with the AppLocker user interface that is accessed through the Microsoft Management Console (MMC) snap-in extension to the Local Security Policy snap-in and Group Policy Management Console.

cmdlet Description


Gets the file information necessary to create AppLocker rules from a list of files or an event log.


Gets the local, the effective, or a domain AppLocker policy.


Creates a new AppLocker policy from a list of file information and other rule creation options.


Sets the AppLocker policy for the specified Group Policy Object (GPO).


Specifies the AppLocker policy to determine whether the input files will be allowed to run for a given user.


To list all the cmdlets that are available, use the Get-Command –Module AppLocker–Module cmdlet.

For more information about, or for the syntax of, any of the cmdlets, use the Get-Help<cmdlet name> cmdlet, where <cmdlet name> is the name of the cmdlet that you want to research. For more detailed information, you can run any of the following cmdlets:

Get-Help<cmdlet name>-Detailed
Get-Help<cmdlet name>-Examples
Get-Help<cmdlet name>-Full

More Information

For more information about the cmdlets, see the following: