Sorry for not responding sooner, but yes wildcards work in that field. I've done it on 2010 SP1. Had a executable on workstations that I couldn't be sure of what directory it would run from, so I had to wildcard it.
Don't get crazy with the wild cards. If you can get the company to agree on standard install paths going forward, do so. Christopher Catlett Consultant | Detroit [MCTS_2013_small] Sogeti USA Office 248-876-9738 |Fax 877.406.9647 26957 Northwestern Highway, Suite 130, Southfield, MI 48033-8456 www.us.sogeti.com<http://www.us.sogeti.com/> From: [email protected] [mailto:[email protected]] On Behalf Of Marcum, John Sent: Friday, August 23, 2013 2:04 PM To: [email protected] Subject: RE: [mssms] Updated EP Templates That's why I keep asking if I can wild card the processes. It looks like out of the box the SQL 2008 one ONLY works for 2008 (not r2) and ONLY if it's installed in the default location which nobody does. [cid:[email protected]] ________________________________ John Marcum Sr. Desktop Architect Bradley Arant Boult Cummings LLP ________________________________ From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Niall Brady Sent: Friday, August 23, 2013 11:26 AM To: [email protected]<mailto:[email protected]> Subject: Re: [mssms] Updated EP Templates good point, i'm not aware of them procuding new ones, but I would imagine that the ones that are there should be sufficient to build one for SQL Server 2012 (you can merge policies and make your own) have you tried using the one for SQL Server 2008 and verifying if that's sufficient ? On Fri, Aug 23, 2013 at 5:12 PM, Marcum, John <[email protected]<mailto:[email protected]>> wrote: Yes, I mean do they release newer ones. For instance SQL 2012. Could I just wildcard the SQL process locations and use one custom policy for all versions of SQL? ________________________________ John Marcum Sr. Desktop Architect Bradley Arant Boult Cummings LLP ________________________________ From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Niall Brady Sent: Friday, August 23, 2013 9:59 AM To: [email protected]<mailto:[email protected]> Subject: Re: [mssms] Updated EP Templates right click on Antimalware policies, choose import, have fun. On Fri, Aug 23, 2013 at 4:48 PM, Marcum, John <[email protected]<mailto:[email protected]>> wrote: Does Microsoft make updated EP templates available anywhere? I can't seem to find any. How do people deal with SQL exclusions? It looks to me like the templates would only work for a specific version of SQL and only if it's installed in the default location. Can I just wildcard the exe locations? ________________________________ John Marcum Sr. Desktop Architect Bradley Arant Boult Cummings LLP ________________________________ ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer.
<<inline: image002.jpg>>
<<inline: image003.png>>
