AppLocker - Publisher's Certificate and Folder Location restriction

ICS_SCADA_at_Work 1 Reputation point

I ran into a problem where I only want "Everyone Group" to Run program with certain Publisher's Certificate in Windows, Program files & x86 folders. It doesn't seem like I can use "And" condition. Such as Cert + Folder Location.

So I got a little creative and created

Deny Everyone, All folder location with exception of Windows, Program files & x86 and Program Data folders
Allow Everyone with Publisher Certificate to run

This seem to solve my problem; however I want Administrator to be able to run outside of Windows, Program files & x86 and Program Data folders, but the Deny policy is blocking it.

Any advice on how to restrict cert + location

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,083 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,747 questions
0 comments No comments
{count} votes