I am wondering if it is possible to restrict the execution of a Service User.
Our Software Deployment tool needs - for obvious reasons Administrative Rights on all Client machines. I want to limit the execution of any file that this user does to a certain path on the machine AND from a certain share.
Since the Software has its own Synchronization mechanism, I can't set up a DFS... I have a Share that is located on many computers, and I want to create an allow rule that restricts a certain user to execution only from this share.
The ALLOW rule Applocker should apply would be a Path rule similar to this: \\*\Share
I know I can use a wildcard at the end - \\server\share\* - but am I able to substitute the Servername?
Thanks in advance!