AppLocker policy "like"

hey,

i setting applocker policies sysinternals.
because of clearity great, if not have define special rule every sysinternals tool itself.
know can specific settings publisher, product name, file name & file version anything.
possible product name starts "sysinternals" ?

tried - unfortunately without success:

thanks :)

> possible product name starts "sysinternals" ?

 

unfortunately: no. * in these fields not real wildcard,

basically hint "ignore property".

 

what can instead: leverage get-applockerfileinformation ,

new-applockerpolicy create set of cert rules given set of

files @ once... lets assume source directory

create rules c:\sysinternals:

 

get-applockerfileinformation c:\sysinternals\*.exe | new-applockerpolicy

-ruletype publisher -rulenameprefix "sysinternals-" -user

-ignoremissingfileinformation -optimize | set-applockerpolicy -ldap "dn

of destination gpo" -merge

 

(all 1 line...)

 

Windows Server  >  Group Policy