Thanks for the reference sheet.
The Approved USB Device list is on my LEM. The UDLP white-list is on my notepad document and imported. Currently, my Approved USB Device list is empty, the UDLP white-list is my primary resource. So this leads me to what you just said:
"The device MUST be in the UDLP white list otherwise it is blocked. If it is in the UDLP white list and not in the Approved USB Devices group then it is blocked. If it is in both lists then it is allowed to attach."
This is not presently the case as i am not using the built in approved white-list (except for 1 item that was put in before my time) and those that are in the UDLP list are not being blocked. So i am not sure what you mean by the underlined portion of the quote.
Thanks for your suggestion about perhaps using a wildcard i will look into whether that will work and i think it may. Will the wild work in the UDLP list just as the Approved list?
Would an OR rule work here? If the UDLP list is always checked first and therefore blocked, could an OR rule stating NOT *smartcard* fix it?
My rule is only as is right now because the exceptions are useless based on what you have said about the order of operation.
