because applocker uses the application identity service to verify attributes of a file, you must configure it to start automatically. in one GPO that applies applocker rules, the Application Identity service determines and verifies the identity of an application. stopping this service will prevent Applocker policies from being enforced.
