Event logging is a great feature of any computer system which unfortunately, not so many users make good use of. A great feature which may become useless if not properly managed. The Windows Event Viewer is a management tool that enables you to browse and manage event logs. It is an indispensable tool for monitoring the health of systems and troubleshooting issues when they arise. Users of Windows systems need to familiarize themselves with the tool in general and in particular with some tasks that would help them get notifications when an event occurs.
While, the recommended location for detailed information related to Group Policy issues is the Event Viewer, Windows 7 includes a debugging feature and a tool that gives you additional troubleshooting clout. From the Event Viewer you can identify policy failures and examine their description and then using the logs for a step-by-step analysis as described below:
The write-caching policy for hard drives in Windows 7 is enabled by default. Although, this improves the overall performance of the system, if there is a power failure and the system has no backup power such as, an UPS (Uninterruptable Power Supply) data waiting in cache will be lost!
The following procedure shows how to restrict an application from running using AppLocker. For more details about AppLocker and the available options read articles Part 1, Part 2 and Part 3. The following example shows how to restrict the windows notepad application from executing :
- Use an administrator account to perform these while make sure that a standard user account without administrative privileges exists on the computer. Verify that the Notepad application runs before starting configuring AppLocker. Read more…