%Username% variable into AppLocker rule

ISDNO
ISDNO used Ask the Experts™
on
How would I add an username environment variable into an AppLocker rule?

For instance I would like to whitelist applications in this directory:

C:\Users\%username%\Appdata\Local\Apps\CompanyAPP.

In the audit it logs the exact username.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2017
Commented:
%userprofile% is c:\users\username
%localappdata% is c:\users\username\appdata\local

%userprofile%\appdata\local\apps\CompanyApp
or better still
%localappdata%\apps\CompanyApp
Distinguished Expert 2018
Commented:
It's simple. Applocker wildcard rules go like this:
C:\Users\*\Appdata\Local\Apps\CompanyAPP
Edit: other variables: see https://technet.microsoft.com/en-us/library/ee460944.aspx
For some reason the * did not work for in the user profile area in applocker.  I had to use %OSDRIVE%\Users\%USERPROFILE%\Appdata\Local\Apps\CompanyAPP.  Just in case someone has the same issue.
Distinguished Expert 2018

Commented:
You have had success with variables (in this case: %USERPROFILE%) that applocker does not even know?!
I don't think so, it will have another reason (like another rule is in effect).

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial