Create AppLocker rule in GPO for a local user account
Posted on 2015-01-30
I would like to create an applocker rule in a GPO that applies to a local user that has been created on a group of machines. When I assign an applocker rule, it doesn't let me enter a user, but forces me to select a domain user or a local user that exists on the machine I am using to edit the GPO.
I tried just creating the user on my machine I am using to edit the GPO, but it seems to tie the rule to the SID for that account on that computer which certainly wouldn't be the same SID on all of the other computers. They would have different SID's for the local account.
How can I apply an applocker rule to a local user in a GPO?