Documentation from Microsoft regarding the new feature AppLocker in Windows 7 (and Windows Server 2008 R2) early stated that to be able to use AppLocker you must have a “Windows Server 2008 R2 Domain Controller to host the AppLocker rules”. I have seen this information several times since then and at a seminar I payed a quick visit to yesterday regarding Windows 7 this particular questions was raised.

Of course I had to make sure what’s really going on here and I have now verified that AppLocker works perfectly fine in environments where there are only Windows Server 2003 DCs or Windows Server 2008 DCs. I can see no reason what so ever for AppLocker to require a Windows Server 2008 R2 DC to function. The only requirement is that you’re running Windows 7 Enterprise or Windows 7 Ultimate edition to be able to use th powerful feature of AppLocker.