{"id":75505,"date":"2023-05-23T15:37:05","date_gmt":"2023-05-23T19:37:05","guid":{"rendered":"https:\/\/jumpcloud.com\/?post_type=support&#038;p=75505"},"modified":"2025-01-22T01:37:17","modified_gmt":"2025-01-22T06:37:17","slug":"restrict-software-on-windows-devices-using-policy","status":"publish","type":"support","link":"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy","title":{"rendered":"Restrict Software on Windows Devices Using a Policy"},"content":{"rendered":"\n<p><strong>Important<\/strong>:<strong>&nbsp;<\/strong>Software Restriction Policies were deprecated beginning with Windows 10 build 1803 as well as Windows Server 2019 and later. For more information, see&nbsp;<a target=\"_blank\" href=\"https:\/\/learn.microsoft.com\/en-us\/windows\/whats-new\/deprecated-features\" rel=\"noreferrer noopener\">Microsoft&#8217;s documentation<\/a>.<\/p>\n\n\n\n<p>For Windows devices, you can add a Software Restrictions Policy to specify locations where applications can run.&nbsp;A policy can protect a device from potential threats, and you can control access to it by identifying which applications should be allowed access or which should be blocked.&nbsp;For general information on how JumpCloud policies using allow and deny lists work, see&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/manage-software-restrictions-using-policies\">Manage Software Restrictions&nbsp;Using Policies<\/a>.&nbsp;&nbsp;<\/p>\n\n\n\n<p>You can add file types, applications, and locations to an allow list or deny list in the following ways:<\/p>\n\n\n\n<ul>\n<li>A list of file types identified by their extension that are allowed or blocked if they are in any of the paths you list. For example, to block all Microsoft Access Project files in the C:\\Projects directory, you specify ADP as the file extension&nbsp;and add the directory path in the Directories and\/or Paths field. Make sure you don\u2019t include the period before the file extension or the policy won\u2019t work. On Windows devices the following sample list allows or block&nbsp;Microsoft Access Project files, BASIC files, batch files, and JavaScript files:ADP, BAS, BAT, JS<\/li>\n\n\n\n<li>A fully-qualified path that ends with a file name to allow or restrict the running of that one file. For example, on Windows devices where a deny policy is applied with the following restriction, user&#8217;s can&#8217;t run the StringFinder application from the Custom Utilities folder:C:\\Program Files\\Custom Utilities\\StringFinder.exe<\/li>\n\n\n\n<li>A directory to allow or restrict all executable files in that location from running. For example, on Windows devices where a deny policy is applied with the following restriction, user&#8217;s can&#8217;t run any applications in the&nbsp;<strong>apilibrary<\/strong>&nbsp;folder <code>:C:\\Projects\\apilibrary<\/code><\/li>\n\n\n\n<li>The % character to represent variables expanded by the OS. For example, adding the path %userprofile% to they deny list blocks applications from launching in a user\u2019s specific file or folder.<\/li>\n<\/ul>\n\n\n\n<p>You can use the following examples to understand how to construct environment variables to specify paths. Environment variables are dynamic objects containing an editable value which can be used by software programs. For example, you can use the <code>%USERPROFILE%<\/code> variable to find the directory structure owned by the user running the process.<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><thead><tr><th>&nbsp;&nbsp;Environment Variable<\/th><th>&nbsp; Path<\/th><\/tr><\/thead><tbody><tr><td>&nbsp; %AppData%<\/td><td>&nbsp;<code> C:\\Users\\{username}\\AppData\\Roaming\\<\/code><\/td><\/tr><tr><td>&nbsp; %LocalAppData%<\/td><td>&nbsp; <code>C:\\Users\\{username}\\AppData\\Local\\<\/code><\/td><\/tr><tr><td>&nbsp; %Temp%<\/td><td>&nbsp;<code> C:\\Users\\{Username}\\AppData\\Local\\Temp\\<\/code><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p>The following environment variables and paths are common locations you can add to your allow or deny lists:<\/p>\n\n\n\n<ul>\n<li><code>%appdata%\\Microsoft\\Internet Explorer\\UserData\\<\/code><\/li>\n\n\n\n<li><code>%localappdata%\\Microsoft\\Windows\\Temporary Internet Files\\Content.Outlook\\<\/code><\/li>\n\n\n\n<li><code>%LocalAppData%\\Google\\Chrome\\User Data\\Default\\Extensions\\ %LocalAppData%\\slack\\*<\/code><\/li>\n\n\n\n<li><code>%LocalAppData%\\Microsoft\\Windows\\Temporary Internet Files\\<\/code><\/li>\n\n\n\n<li><code>%ProgramFiles%\\Google\\Desktop\\<\/code><\/li>\n\n\n\n<li><code>%userprofile%\\Downloads\\<\/code><\/li>\n\n\n\n<li><code>C:\\Windows\\Temp\\<\/code><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Considerations<\/strong><\/h2>\n\n\n\n<p>You need to use the&nbsp;<a href=\"https:\/\/docs.microsoft.com\/en-us\/dotnet\/standard\/io\/file-path-formats\" target=\"_blank\" rel=\"noreferrer noopener\">fully-qualified path<\/a>&nbsp;to a file or directory to add it to an allow or deny list. You can also use a variable that resolves to one as described in the section above. For an application file, if all three of the following components are present, the path is fully-qualified or absolute. For a directory, if the first two of the following components are present, the path is fully-qualified or absolute:<\/p>\n\n\n\n<ul>\n<li><strong>A volume or drive letter<\/strong>&nbsp;&#8211; Must be followed by the volume separator (:).<\/li>\n\n\n\n<li><strong>A directory name<\/strong>&nbsp;&#8211; The directory separator character separates subdirectories in the nested directory hierarchy.<\/li>\n\n\n\n<li><strong>An optional filename<\/strong>&nbsp;&#8211; The directory separator character separates the file path and the filename.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Determine the absolute path of any location in Windows:<\/strong><\/h2>\n\n\n\n<ol>\n<li>Open&nbsp;<strong>Windows Explorer<\/strong>&nbsp;and locate the file or folder.<\/li>\n\n\n\n<li>Right-click the file or folder, then click&nbsp;<strong>Properties<\/strong>.<\/li>\n\n\n\n<li>For the absolute path to the folder, use the path in&nbsp;<strong>Location<\/strong>. For example, c:\\folder1\\subfolder2.<\/li>\n\n\n\n<li>For the absolute path to a file, use the path in&nbsp;<strong>Location<\/strong>, then add a backslash and the file name to the end of the path. For example, c:\\folder1\\subfolder2\\app.exe.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\"><strong><strong>Create a Software Restrictions policy for Windows:<\/strong><\/strong><\/h2>\n\n\n\n<ol>\n<li>Log in to the JumpCloud Admin Portal:&nbsp;<a target=\"_blank\" href=\"https:\/\/console.jumpcloud.com\/\" rel=\"noreferrer noopener\">https:\/\/console.jumpcloud.com\/login<\/a>.<\/li>\n\n\n\n<li>Go to&nbsp;<strong>DEVICES &gt; Policy Management<\/strong>.<\/li>\n\n\n\n<li>In the&nbsp;<strong>All<\/strong>&nbsp;tab, click&nbsp;<strong>(+)<\/strong>.<\/li>\n\n\n\n<li>Select the&nbsp;<strong>Windows<\/strong>&nbsp;tab.<\/li>\n\n\n\n<li>Select the Software Restrictions policy, then click&nbsp;<strong>configure<\/strong>.<\/li>\n\n\n\n<li>(Optional) In the <strong>Policy Name<\/strong> field, enter a new name for the policy or keep the default. Policy names must be unique.<\/li>\n\n\n\n<li>(Optional) In the\u00a0<strong>Policy Notes<\/strong> field, enter details like when you created the policy, where you tested it, and where you deployed it.<br><img decoding=\"async\" width=\"2298\" height=\"1610\" class=\"wp-image-87811\" style=\"width: 500px\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Windows_SoftwareRestrictions_policy.png\" alt=\"\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/Windows_SoftwareRestrictions_policy.png 2298w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/Windows_SoftwareRestrictions_policy-300x210.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/Windows_SoftwareRestrictions_policy-1024x717.png 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/Windows_SoftwareRestrictions_policy-768x538.png 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/Windows_SoftwareRestrictions_policy-1536x1076.png 1536w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/Windows_SoftwareRestrictions_policy-2048x1435.png 2048w\" sizes=\"(max-width: 2298px) 100vw, 2298px\" \/><\/li>\n\n\n\n<li>Under&nbsp;<strong>Settings<\/strong>, click&nbsp;<strong>Mode<\/strong>&nbsp;and choose&nbsp;<strong>Deny list<\/strong>&nbsp;or&nbsp;<strong>Allow list<\/strong>.<\/li>\n\n\n\n<li>To&nbsp;bypass Allow list or Deny list restrictions on a local device, select&nbsp;<strong>Exclude Local Administrators<\/strong>.<\/li>\n\n\n\n<li>Under&nbsp;<strong>Directories and\/or Paths<\/strong>, click&nbsp;<strong>add filepath<\/strong>&nbsp;to add another directory or path. Enter either the fully-qualified path to the executable file or the entire application directory you want to list.&nbsp;<\/li>\n\n\n\n<li>Under&nbsp;<strong>Included File Extensions,&nbsp;<\/strong>click&nbsp;<strong>add file extension<\/strong>&nbsp;to add another extension. This action lets you add files types to the allow or deny list by entering the file extension. Don\u2019t include the period before the file extension.&nbsp;<\/li>\n\n\n\n<li>To remove directories, paths and extensions from your list, click the trash can icon next to the item.<\/li>\n\n\n\n<li>(Optional) To apply this policy to device groups,&nbsp;select the&nbsp;<strong>Device Groups<\/strong>&nbsp;tab. Select one or more device groups that will use this policy. For device groups with multiple OS member types, the policy is applied only to the supported OS.<\/li>\n\n\n\n<li>(Optional) To apply this policy to devices, select the&nbsp;<strong>Devices<\/strong>&nbsp;tab. Select one or more devices that will use this policy.<\/li>\n\n\n\n<li>Click&nbsp;<strong>save<\/strong>.<\/li>\n\n\n\n<li>Restart all devices where you applied this policy for this policy to take effect.<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card warning\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/warning-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Warning:<\/strong> \n<p>If you remove a JumpCloud Software Restriction policy, native Microsoft Software Restriction Policies (SRP) need to be manually reset. To do this, completely delete your native Microsoft SRPs and then re-administer them. For complete steps on how to work with SRPs, refer to the Microsoft documentation:&nbsp;<a href=\"https:\/\/docs.microsoft.com\/en-us\/windows-server\/identity\/software-restriction-policies\/administer-software-restriction-policies#introduction\" target=\"_blank\" rel=\"noreferrer noopener\">Administer Software Restriction Policies<\/a>.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Delete the software restriction policies that are applied to a Group Policy Editor (GPO)<\/strong><\/h2>\n\n\n\n<ol>\n<li>Open&nbsp;<strong>Group Policy Editor<\/strong>.<\/li>\n\n\n\n<li>In the console tree, right-click&nbsp;<strong>Software Restriction Policies<\/strong>.<\/li>\n\n\n\n<li>Click&nbsp;<strong>Delete Software Restriction Policies<\/strong>.<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>When you delete software restriction policies for a GPO, you also delete all software restriction policies rules for that GPO.<\/p>\n\n\n\n<p>After you delete software restriction policies, you can create new software restriction policies for that GPO.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Create new software restriction policies:<\/strong><\/h2>\n\n\n\n<ol>\n<li>In&nbsp;<strong>Group Policy Editor<\/strong>, open&nbsp;<strong>Software Restriction Policies<\/strong>.<\/li>\n\n\n\n<li>On the&nbsp;<strong>Action<\/strong>&nbsp;menu, click&nbsp;<strong>New Software Restriction Policies<\/strong>.<\/li>\n\n\n\n<li>Optionally add any&nbsp;<a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/windows-server\/identity\/software-restriction-policies\/administer-software-restriction-policies#BKMK_Add_Del\" rel=\"noreferrer noopener\">Designated File Types<\/a>.<\/li>\n\n\n\n<li>(Optional) Configure&nbsp;<a href=\"https:\/\/docs.microsoft.com\/en-us\/windows-server\/identity\/software-restriction-policies\/administer-software-restriction-policies#BKMK_Prevent_Admin\" target=\"_blank\" rel=\"noreferrer noopener\">Enforcement<\/a>&nbsp;settings.<\/li>\n\n\n\n<li>(Optional) Configure&nbsp;<a href=\"https:\/\/docs.microsoft.com\/en-us\/windows-server\/identity\/software-restriction-policies\/administer-software-restriction-policies#BKMK_Sec_Lvl\" target=\"_blank\" rel=\"noreferrer noopener\">Security Levels<\/a>.<\/li>\n\n\n\n<li>(Optional)&nbsp;<a href=\"https:\/\/docs.microsoft.com\/en-us\/windows-server\/identity\/software-restriction-policies\/administer-software-restriction-policies#BKMK_Apply_SRP_DLLs\" target=\"_blank\" rel=\"noreferrer noopener\">Apply policies to DLLs<\/a>.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Important:&nbsp;Software Restriction Policies were deprecated beginning with Windows 10 build 1803 as well as Windows Server 2019 and later. For [&hellip;]<\/p>\n","protected":false},"author":201,"featured_media":0,"template":"","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"support_category":[2852,2862,2924],"support_tag":[],"coauthors":[2835],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Restrict Software on Windows Devices Using a Policy - JumpCloud<\/title>\n<meta name=\"description\" content=\"For Windows devices, you can add a Software Restrictions Policy to specify locations where applications can run.\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Restrict Software on Windows Devices Using a Policy\" \/>\n<meta property=\"og:description\" content=\"For Windows devices, you can add a Software Restrictions Policy to specify locations where applications can run.\u00a0\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:modified_time\" content=\"2025-01-22T06:37:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Windows_SoftwareRestrictions_policy.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"6 minutes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"alexsnyder\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy\",\"url\":\"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy\",\"name\":\"Restrict Software on Windows Devices Using a Policy - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Windows_SoftwareRestrictions_policy.png\",\"datePublished\":\"2023-05-23T19:37:05+00:00\",\"dateModified\":\"2025-01-22T06:37:17+00:00\",\"description\":\"For Windows devices, you can add a Software Restrictions Policy to specify locations where applications can run.\u00a0\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Windows_SoftwareRestrictions_policy.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Windows_SoftwareRestrictions_policy.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Support\",\"item\":\"https:\/\/jumpcloud.com\/support\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Restrict Software on Windows Devices Using a Policy\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Restrict Software on Windows Devices Using a Policy - JumpCloud","description":"For Windows devices, you can add a Software Restrictions Policy to specify locations where applications can run.\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy","og_locale":"en_US","og_type":"article","og_title":"Restrict Software on Windows Devices Using a Policy","og_description":"For Windows devices, you can add a Software Restrictions Policy to specify locations where applications can run.\u00a0","og_url":"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy","og_site_name":"JumpCloud","article_modified_time":"2025-01-22T06:37:17+00:00","og_image":[{"url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Windows_SoftwareRestrictions_policy.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"6 minutes","Written by":"alexsnyder"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy","url":"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy","name":"Restrict Software on Windows Devices Using a Policy - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Windows_SoftwareRestrictions_policy.png","datePublished":"2023-05-23T19:37:05+00:00","dateModified":"2025-01-22T06:37:17+00:00","description":"For Windows devices, you can add a Software Restrictions Policy to specify locations where applications can run.\u00a0","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy#primaryimage","url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Windows_SoftwareRestrictions_policy.png","contentUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Windows_SoftwareRestrictions_policy.png"},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/support\/restrict-software-on-windows-devices-using-policy#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Support","item":"https:\/\/jumpcloud.com\/support"},{"@type":"ListItem","position":3,"name":"Restrict Software on Windows Devices Using a Policy"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/75505"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/support"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/201"}],"version-history":[{"count":3,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/75505\/revisions"}],"predecessor-version":[{"id":120217,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/75505\/revisions\/120217"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=75505"}],"wp:term":[{"taxonomy":"support_category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_category?post=75505"},{"taxonomy":"support_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_tag?post=75505"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=75505"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}