Solved

GPO preventing application launch at login

Posted on 2009-05-13
10
614 Views
Last Modified: 2012-05-06
I just recently installed an application on a machine that runs off the hkey local machine "run" settings in registry.  Any user that attempts to log on in theory should have the application boot for them.  The application boots in the processes tree under the current user as opposed to system however, despite being a member of the HKey Local Machine registry group.

The issue I am having with the application is the following:

The application boots up for all users except users of a specific OU whose Group Policy is extremely tightened down.  I have tried to add the programs as an exception and can run under users\administrative templates\system\ run only allowed windows applications GPO, however the program still will not launch when the user logs in.

Are there any other GPOs that could potentially be turned on that I am missing that are preventing this application from booting when the user logs on?
0
Comment
Question by:megnin
  • 6
  • 3
10 Comments
 
LVL 15

Assisted Solution

by:zelron22
zelron22 earned 400 total points
ID: 24378356
Have you run a group policy results in the GPMC to see which policies are winning for those users on those machines?
0
 
LVL 15

Assisted Solution

by:zelron22
zelron22 earned 400 total points
ID: 24378369
0
 
LVL 3

Assisted Solution

by:a_ro_no
a_ro_no earned 100 total points
ID: 24378374
Sure! Software Policies?
User Configuration, Software settings, Software installation
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 1

Author Comment

by:megnin
ID: 24379015
We don't have any Software Policies.
0
 
LVL 1

Author Comment

by:megnin
ID: 24379710
The Policy that holds the executables that are permitted to run is the winning GPO.  This brings me right back to the beginning of where I started as there is no software policy enabled in the GPO.  There is likely a policy of some sorts that is enabled and also a winning policy that is preventing this application from loading its process at the start.

0
 
LVL 1

Author Comment

by:megnin
ID: 24398542
Still haven't been able to find what policy is "winning" and preventing the application from running.
0
 
LVL 15

Accepted Solution

by:
zelron22 earned 400 total points
ID: 24399292
Have you checked the security logs on one of the PCs?  Has security to anything on the C: drive been locked down further that might prevent the users access to temp folders, or the application folder?
0
 
LVL 1

Author Comment

by:megnin
ID: 24444088
I'll check that.  Thanks
0
 
LVL 1

Author Comment

by:megnin
ID: 24444731
I discovered the issue as the person that put the exe in forgot a letter.  Lesson for the day, double check others work instead of giving them the benefit of the doubt
0
 
LVL 1

Author Closing Comment

by:megnin
ID: 31581165
Thanks for the additional perspectives!
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Synchronize a new Active Directory domain with an existing Office 365 tenant
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question