Configure SmartScreen via GPO
With Cryptolocker number of variants rising each day we had to implement SmartScreen filter using Group Policy in our environment.
Here’s how you can easily configure SmartScreen filter using GPO.
Open Group Policy editor (gpedit.msc)
Computer configuration | Policies | Administrative Templates | Windows Components | File Explorer
From the right pane select Configure Windows SmartScreen select Enabled and from the dropdown list choose Require approval from an administrator before running downloaded unknown software.
Once policy has been created, you should link the policy to computers container since this is a computer configuration policy.
Since this is a Computer configuration policy it should be applied to a computer containter.
On the other hand if you would like to apply this policy to a user containter you will have to enable Group Policy Loopback processing mode policy setting to be able to apply this policy on a user container.
In this case policy will be applied to all computers/users in that container.
In Group POlicy management navigate to:
Computer Configuration | Policies | Administrative Templates | System/Group Policy
From the right pane choose:
Configure user Group Policy loopback processing mode and select Merge from the dropdown list.
Feel free to leave your comments below.