added steps for path rule

windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune.md

@@ -193,9 +193,9 @@ In this example, you'd get the following info:
 Where the text, `O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US` is the publisher name to enter in the **Publisher Name** box.
 
 ### Add an AppLocker policy file
-For this example, we’re going to add an AppLocker XML file to the **App Rules** list. You’ll use this option if you want to add multiple apps at the same time. For more info about AppLocker, see the [AppLocker](https://technet.microsoft.com/itpro/windows/keep-secure/applocker-overview) content.
+Now we’re going to add an AppLocker XML file to the **App Rules** list. You’ll use this option if you want to add multiple apps at the same time. The first example shows how to create a Publisher rule for packaged apps. The second example shows how to create a Path rule for unsigned apps. For more info, see [AppLocker](https://technet.microsoft.com/itpro/windows/keep-secure/applocker-overview).
 
-**To create an app rule and xml file using the AppLocker tool**
+**To create a Publisher rule and xml file for packaged apps using the AppLocker tool**
 1.	Open the Local Security Policy snap-in (SecPol.msc).
     
 2.	In the left pane, expand **Application Control Policies**, expand **AppLocker**, and then click **Packaged App Rules**.
@@ -262,6 +262,43 @@ For this example, we’re going to add an AppLocker XML file to the **App Rules*
     ```
 12.	After you’ve created your XML file, you need to import it by using Microsoft Intune.
 
+**To create a Path rule and xml file for unsigned apps using the AppLocker tool**
+1. Open the Local Security Policy snap-in (SecPol.msc).
+    
+2. In the left pane, expand **Application Control Policies**, expand **AppLocker**, and then click **Executable Rules**.
+
+   ![Local security snap-in, showing the Executable Rules](images/create-new-path-rule.png)
+
+3. Right-click in the right-hand pane, and then click **Create New Rule**.
+
+4. On the **Before You Begin** page, click **Next**.
+
+5. On the **Permissions** page, make sure the **Action** is set to **Allow** and the **User or group** is set to **Everyone**, and then click **Next**.
+
+6. On the **Conditions** page, click **Path** and then click **Next**.
+
+    ![Create Packaged app Rules wizard, showing the Publisher](images/path-condition.png)
+
+7. Click **Browse Folders...** and select the path for the unsigned apps. For this example, we’re using "C:\Program Files".
+
+    ![Create Packaged app Rules wizard, showing the Select applications page](images/select-path.png)
+
+8. On the **Exceptions** page, add any exceptions and then click **Next**.
+
+9. On the **Name** page, type a name and description for the rule and then click **Create**.
+
+10.	In the left pane, right-click on **AppLocker**, and then click **Export policy**.
+
+    The **Export policy** box opens, letting you export and save your new policy as XML.
+
+    ![Local security snap-in, showing the Export Policy option](images/intune-local-security-export.png)
+
+11.	In the **Export policy** box, browse to where the policy should be stored, give the policy a name, and then click **Save**.
+
+    The policy is saved and you’ll see a message that says 1 rule was exported from the policy.
+
+12.	After you’ve created your XML file, you need to import it by using Microsoft Intune.
+
 **To import your Applocker policy file app rule using Microsoft Intune**
 1.	From the **App Rules** area, click **Add**.