How to update "Run only specified windows applications" GPO programmatically (VBScript)

  • Article

Hi all,

 

A customer of mine had to add a list of thousands of applications to the "Run only specified windows applications" GPO on his Windows Server 2008. And obviously he wanted to automate this task to avoid adding them manually one at a time. 

So I went the easy way and created the following VBscript that simulates a user entering the application names on the "List of allowed applications" in the "Show Contents" window of the GPO.

This script takes a file with a list of application names, and sends those names to the window automatically. Note that we must select the place in the "List of allowed applications" where we want to enter the data before running the script.

 

 

 ' Open the text file, located in the same path as the script

Set objFSO = CreateObject("Scripting.FileSystemObject")

strPath = Mid(Wscript.ScriptFullName, 1, InStrRev(Wscript.ScriptFullName, wscript.ScriptName) -1)

Set objFile = objFSO.OpenTextFile(strPath & "applist.txt")



' Activate the "Show Contents" window with the "List of allowed applications".

' Note the window must be opened already and we should have selected where in 

' the list we want to enter the data before running the script

set WshShell = WScript.CreateObject("WScript.Shell")

WScript.Sleep 1000

WshShell.AppActivate "Show Contents"



' Read the file line by line

Do While objFile.AtEndOfStream <> True

    ' Each line contains one EXE name

    exeName = objFile.ReadLine

    

    ' Escape forbidden chars { } [ ] ( ) + ^ % ~

    exeName = Replace(exeName, "[", "{[}")

    exeName = Replace(exeName, "]", "{]}")

    exeName = Replace(exeName, "(", "{(}")

    exeName = Replace(exeName, ")", "{)}")

    exeName = Replace(exeName, "+", "{+}")

    exeName = Replace(exeName, "^", "{^}")

    exeName = Replace(exeName, "%", "{%}")

    exeName = Replace(exeName, "~", "{~}") 

    

    ' Send the EXE name to the window

    WScript.Sleep 100

    WshShell.SendKeys exeName

    

    ' Move to the next one

    WshShell.SendKeys "{TAB}"    

Loop

objFile.Close

 

 

 

I hope this helps.

Regards,

 

Alex (Alejandro Campos Magencio)