Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

GPO Software restriction mailto link

Posted on 2014-03-06
4
Medium Priority
?
856 Views
Last Modified: 2014-03-06
Hi,

We have a terminal server (2008 r2) and a domaincontroller (2008 r2) on which we have defined a gpo for software restriction.

Now users can't click mailto links on a webpage. They get the message that the program is block by grouppolicy.

When we turn off the software restriction policy for a user, he/she can click a mailto link and it works fine.

This is how the gpo setting looks like.

Thanks.
gpo-sr.jpg
0
Comment
Question by:PramoIT
  • 2
4 Comments
 
LVL 58

Accepted Solution

by:
McKnife earned 1600 total points
ID: 39909025
Well, the Software restriction policies do have a logfile. Inside you can read what was blocked. So please add that as an exception.
0
 
LVL 13

Assisted Solution

by:Santosh Gupta
Santosh Gupta earned 400 total points
ID: 39909067
Hi,

first check when user click on mailto links on a webpage what application opening for mail.
like outlook, outlook Express or any other mailing software.

after identifying the program, please create a "Ne path Rule" and select that application path and select "unrestricted".

Apply to group policy and check.
0
 

Author Comment

by:PramoIT
ID: 39909107
Hi mcknife,

Thanks!

I have turned on logging by creating HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers
String Value: LogFileName, <path to a log file>

And saw that when clicking on mailto link, the system tries to open c:\progra~1 instead of c:\program files

These 2 paths are in fact the same, but not for the software restriction gpo. So i added c:\progra~1 to the paths and now it works.
0
 
LVL 58

Expert Comment

by:McKnife
ID: 39909115
Ok...

FYI, there was already a logging section in eventviewer, I guess it would appear in the application log file.
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Scripts are great for performing batch jobs against users, however sometimes the GUI is all you need.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question