(Full whitelisted path is "C:\Users\%username%\AppData\Local\Microsoft\SkypeForBusinessPlugin\" meaning any application in that folder or any subfolder thereof would be allowed.) But that doesn't solve the problem. We know the directory where it installs, and allowed the entire directory, with the %username% variable. Second, once the plugin is installed, and once we make sure the user is opening a browser that allows the third-party plugin, it still gets blocked by policy. Because every host seems to have their own installer, hosted on their own server, and they always insist on installing THEIR web app. Instead, we save the installer to a special directory, so that the users can install it under their accounts. We can't just blanket allow the installer from any location, since that's a disaster waiting to happen. This makes the list very broad as is, but one application seems to demand a total lack of application restriction to function: the Skype for Business web app.įirst, even if the employee has the web app installed, it insists on installing again, even if the person clicks the link that says they already have it installed. We deployed an application white list several months ago after more than a year of refinement, and have been tweaking it since then to allow all the programs our employees need to use.
0 kommentar(er)
