Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,635 questions
AppLocker - Publisher's Certificate and Folder Location restriction
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 61%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EI%3C/text%3E%3C/svg%3E)
ICS_SCADA_at_Work
1
Reputation point
I ran into a problem where I only want "Everyone Group" to Run program with certain Publisher's Certificate in Windows, Program files & x86 folders. It doesn't seem like I can use "And" condition. Such as Cert + Folder Location.
So I got a little creative and created
Deny Everyone, All folder location with exception of Windows, Program files & x86 and Program Data folders
Allow Everyone with Publisher Certificate to run
This seem to solve my problem; however I want Administrator to be able to run outside of Windows, Program files & x86 and Program Data folders, but the Deny policy is blocking it.
Any advice on how to restrict cert + location