Windows 10 File Associations

Setting which application a file will open with in Windows 10 is different than before. You can set this initial association by overriding a file during your imaging process, or apply it using a Group Policy. We will go over both methods here.

During Imaging

All initial file associations are copied from C:\Windows\System\OEMDefaultAssociations.xml. If you want to set your own, you can modify this XML, then copy it to this location during your imaging process. We’ll take PDF as an example:

As you can see, it’s associated with Edge by default. If I want to change it to Acrobat Reader, I can simply modify that line to this:

I bet you’re wondering how you determine what to set the extensions too. We’ll go over that at the end.

Once my modifications are complete, I can override the default file with my changes. This file will apply when a user logs in and a user is free to change the associations, but you can at least give them a starting set.


You can see also give Windows a XML file using Group Policy. This is one of the few Group Policy settings I have seen that will actually allow a user to change something. This setting will only apply once. If a user changes an association after the policy applies, the policy will not override it. The GPO also applies with linked, whether a user has logged into a computer already or not. You take the same XML file that we already created and apply it to the setting “Set a default associations configuration file” located at Computer Configuration > Administrative Templates > Windows Components > File Explorer.

Capture File Associations

To identify what to put in the XML file, I suggest configuring a user account with all of the associations that you want to change. Then, run this command from an administrative command prompt:

dism /Online /Export-DefaultAppAssociations:c:\appassoc.xml

This will output a XML file with the lines that look like my screenshots.  You can then either deploy this XML file, or copy the custom settings out of it and into a file that you will then deploy. If you’re overriding the OEMDefaultAssocications.xml file, I suggest keeping all of the contents of the file, or else you may end up with a lot of files that have no default association. If you’re going the GPO route, I would extract only the changes, and not deploy the entire exported file.


All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistance.



Contact Us

On Key

More Posts

WME Cybersecurity Briefings No. 005
Cyber Security

WME Security Briefing 15 April 2024

E-Commerce Security Alert: Unveiling Magecart’s Persistent Backdoor Overview Malicious activities by Magecart attackers have been reported. They are targeting Shopify’s content delivery network (CDN) by creating fake Shopify stores. The backdoor method has enabled them to

Read More »
WME Cybersecurity Briefings No. 004
Cyber Security

WME Security Briefing 11 April 2024

Mispadu Trojan Exploits Windows Vulnerability to Target Financial Data Overview The Mispadu banking trojan has intensified its operations as it’s exploiting an already patched Windows SmartScreen flaw. Since its initial identification in 2019, Mispadu has primarily preyed on

Read More »
WME Cybersecurity Briefings No. 003
Cyber Security

WME Security Briefing 29 March 2024

Russian hackers escalating their cyber warfare, deploying TinyTurla-NG to breach European NGOs. Cisco Talos reveals a targeted attack against organizations advocating democracy and supporting Ukraine. With their sophisticated methods, these cyber attackers are bypassing antivirus defenses

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.