marklar23 Absent Member.
Absent Member.
2845 views

What is Group Policy Blocking?

I run a pretty tight security policy in my office where we use group policy to only allow specified windows applications to run on our workstations. For the most part this works pretty good, but I have a couple of issues where I need more information about what is getting blocked rather than just getting the message that something is being blocked.

One case is for Dragon Naturally Speaking where we have added all of the EXE files that the program installed in the directory, but something is still preventing the program from running when it is under policy, but it runs perfectly fine under administrator mode. I just found out that for NAL apps to URLs I needed to add a DLL file to my permitted applications, and I'm wondering if that is also the case here. I also have a couple of computers that have the application has been blocked when the computer starts up and since spyware scans don't find anything even under admin mode, I'm not quite sure what they are.

Is there something out there from Microsoft, Novell, or third party that can work with the group policy and give me a little more information about what is getting blocked by policy rather than just the generic, something is being blocked? Thanks!
Labels (2)
0 Likes
4 Replies
capnlars Absent Member.
Absent Member.

Re: What is Group Policy Blocking?

Try Filemon:

FileMon for Windows

There's a corresponding tool for registry called Regmon.

Larry Stein ZENworks Practice Manager - Novacoast, Inc - Novell's Solution Provider of the Year lstein@novacoast.com
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: What is Group Policy Blocking?

I assume you are using SRPs.......

http://technet.microsoft.com/en-us/library/bb457006.aspx#EDAA

--
Craig Wilson - MCNE, MCSE, CCNA
Novell Support Forums Volunteer Sysop

Novell does not officially monitor these forums.

Suggestions/Opinions/Statements made by me are solely my own.
These thoughts may not be shared by either Novell or any rational human.

"marklar23" <marklar23@no-mx.forums.novell.com> wrote in message
news:marklar23.3fl8dk@no-mx.forums.novell.com...
>
> I run a pretty tight security policy in my office where we use group
> policy to only allow specified windows applications to run on our
> workstations. For the most part this works pretty good, but I have a
> couple of issues where I need more information about what is getting
> blocked rather than just getting the message that something is being
> blocked.
>
> One case is for Dragon Naturally Speaking where we have added all of
> the EXE files that the program installed in the directory, but something
> is still preventing the program from running when it is under policy,
> but it runs perfectly fine under administrator mode. I just found out
> that for NAL apps to URLs I needed to add a DLL file to my permitted
> applications, and I'm wondering if that is also the case here. I also
> have a couple of computers that have the application has been blocked
> when the computer starts up and since spyware scans don't find anything
> even under admin mode, I'm not quite sure what they are.
>
> Is there something out there from Microsoft, Novell, or third party
> that can work with the group policy and give me a little more
> information about what is getting blocked by policy rather than just the
> generic, something is being blocked? Thanks!
>
>
> --
> marklar23
> ------------------------------------------------------------------------
> marklar23's Profile: http://forums.novell.com/member.php?userid=5123
> View this thread: http://forums.novell.com/showthread.php?t=343340
>



0 Likes
capnlars Absent Member.
Absent Member.

Re: What is Group Policy Blocking?

I think he's using the "Run only allowed Windows Applciations" from the User Configuration\Administrative Templates\System area of Group Policy.

Larry Stein ZENworks Practice Manager - Novacoast, Inc - Novell's Solution Provider of the Year lstein@novacoast.com
0 Likes
marklar23 Absent Member.
Absent Member.

Re: What is Group Policy Blocking?

That is correct, using the "Run only allowed windows applications." Since my policy also prohibits access to the event viewer I can't just check there, plus when I have tested applications that I knew would get blocked by policy, when I changed the user to admin mode I was unable to find any events anyway. I'm not sure if the logging isn't turned on to the correct level to catch this or not. I'm going to check out that application posted earlier to see if that will help and keep a lookout here to see if anything else comes up.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.