So...my previous post asking about this, then finding the answer is no longer valid.
My rule has simply stopped working, PCs logged in under the specified username can access other stuff.
I made no changes to the box before the rule stopped working.
My rule looks like this:
Directory Connector: Username is <username>
Destination Address is not <IP address of remote server>
I've rebooted the UT box, restarted Application Control, but no luck.
Any thoughts? Or any other way of making a rule like this?