In this scenario, the following below was prompted on my screen after joining a device to a domain and trying to access the settings in anyway of a Windows 10/11 workstation:
the solution to this was just removing/defaulting the AppLocker Policies in the Group Policy Management Console.
In detail the steps to our resolution was:
1. Login to your Domain Controller and open the Group Policy Management Console and locate your GPO that may contain the AppLocker Policies/rules set (note: may want to check all your GPO's just to be sure)
2. After finding the correct GPO you want to edit it and follow this path till you find Applocker
COMPUTER CONFIGURATION> Policies > Windows Settings > Security Settings > Application Control Policies > AppLocker
3.Once here, you then want to look and see what rules are created, you can then either delete those rules entirely, create default rules or possibly re-create each of the previous rules if AppLocker if something you'd truly want to utilize.
(note: if you do want to utilize AppLocker, you also want to make sure the AppIDSvc or Application Identity service is running in services.msc)
4. Now that you've re-configured to things how you like, the last step is to run gpupdate.exe /force to apply your policy changes. You can do that via command prompt or the run window.
(note: you may also need to run a group policy update on all targeted workstations)
disclaimer: although this method worked for our us, every situation is different so please move forward with caution and use at your own risk!
published by Kevin Fox