The User rules node allows you to match security control rules with specific users within the enterprise.
The User summary displays the User, Textual Security Identifier (SID) and Security Level of the rule. A SID is a data structure of variable length that identifies user, group, and computer accounts. Every account on a network is issued a unique SID when the account is first created. Internal processes in Windows refer to an accounts SID rather than the accounts user or group name. Likewise, Application Control also refers to a user or group SID unless the SID could not be found when added to the configuration.
To add a user rule, click the Add Rule on the Rules ribbon and select User Rule. The Add User Rule dialog displays. Enter or browse to select an account.
- To remove a user rule, select a rule and click Remove Rule on the Rules ribbon. A confirmation message displays. Click Yes to confirm the removal.
You can also add items to the Allowed Items, Denied Items, Trusted Vendors, User Privileges, and Browser Control nodes in each user rule node.
For more information, see Rule Items.