Solved

policy or certification issue maybe?

Posted on 2011-03-18
7
1,441 Views
Last Modified: 2013-11-25
When trying to install a custom VB application on an XP machine, the following message is given

Application Install – Security Warning
Your administrator has blocked this application because it potentially poses a security risk to your computer.
Name:  xxxxxxxxxxx
From: D:\ xxxxxxxxxxxx

Publisher:  Unknown Publisher
 
Your security settings do not allow this application to be installed on computer.

(I replaced the app's name and location)

The user has admin rights on the laptop. I believe this miight be happening if a group policy
was set on the laptop, or if XP is just having issues with the certification of the software.

Any advise?
0
Comment
Question by:BJBExEx
7 Comments
 
LVL 22

Expert Comment

by:plusone3055
ID: 35169813
if this is happening at a work station the IT boys desabled some features..
0
 

Author Comment

by:BJBExEx
ID: 35169875
Thanks for your reply,

I think that might be right, but it's the IT guy having the issue with the software (at a remote location). I can't get my hand on the laptop, but the error message in my original note is the exact error message. I believe this must be an item in the security policy (local or group) that needs to be adjusted, but I'm just not sure what. I am also not certain if group policy is active or not. I am trying to find out more. It is important for us to try and get this operational rather quickly. The app does not have a certification, it is seen as being from an unknown publisher. What I am looking for is the policy setting that would allow an application from an "unknown" publisher to be installed. The app was developed by a co-worker, so we know there is no security issue with it. It works fine on the XP PC it was written and compiled on.
0
 
LVL 7

Expert Comment

by:CSI-Windows
ID: 35169930
Could you please share the following details:

What is the operating system?

Is the application being installed via Windows Installer, Click Once, Setup.exe ?

If Windows Installer is being used, please run the attached MSI-Verbose-Logging-ON.REG file to generate a verbose log of the next attempt and attached it to a reply message.
MSI-Verbose-Logging-ON.reg
MSI-Verbose-Logging-OFF.reg
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:BJBExEx
ID: 35169961
Thanks for your reply.

The laptop is running XP Pro, I believe SP2. Windows Installer was used. Thanks for the links, Unfortunately, the laptop is accross the counrty from me so I can't try it now. I'm sending the links to the app developer to ask him to speak to the user to try the links. I will reply with the requested info when available.
0
 
LVL 7

Accepted Solution

by:
CSI-Windows earned 250 total points
ID: 35171311
Great.

Couple other questions:

Is the attempted install being done through a web browser?

Is the application a .NET application?

Is the D:\ drive a local drive or a network mapped drive?

This is a classic policy message, but there is no Windows Installer specific group policy that would block an install based on code signing.

It would have to be one of these:
*) GPO: Software Restriction Policy - Certificate Rule
*) Web Browser Security (if being installed via browser)
*) GPO: App Locker Policy (Win7 Enterprise ONLY)
*) .NET ClickOnce Security policies

Given the message you are receiving the last seems like a real possibility.

Assuming the App is .NET I would advise that you check whether you are including a ClickOnce manifest when building the App.  Maybe at one time someone thought they'd use click once and changed these settings and now it gets embedded in the MSI and is being processed?

Here is an article that explains some of the GPO settings and Visual Studio settings that might be affecting you: http://msdn.microsoft.com/en-us/library/aa719097(v=vs.71).aspx#clickonce_topic8
0
 
LVL 40

Expert Comment

by:Vadim Rapp
ID: 35775467
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

5 Tips For Long Jumpers: A Sprinter's Approach to Agile Software Development As a Sprinter, long jumping — applying momentum to progress by leaps and bounds — is a natural and complementary skill. In the following article, I will share my five ti…
You can provide a virtual interface for remote stakeholders in a SWOT analysis through a Google Drawing template. By making real time viewing and collaboration possible, your team can build a stronger product.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now