+ Post New Thread
Results 1 to 5 of 5
Windows Thread, Running an application over a DFS share in Technical; I've got a DFS domain based share that merges a load of server shares into one common share (i.e \domain.com\share) ...
  1. #1

    Join Date
    Mar 2007
    Posts
    421
    Thank Post
    14
    Thanked 16 Times in 10 Posts
    Rep Power
    19

    Running an application over a DFS share

    I've got a DFS domain based share that merges a load of server shares into one common share (i.e \\domain.com\share) and users have a drive letter mapped to that share. I've done this because we use a whitelist Software Restriction policy and the list of shares was making the policy rather large! All of the seperate shares are integrated into the DFS share so I only have to unblock that pathname.

    Problem is, now when users run the application (pathname is using the DFS share drive letter) it runs OK, but they get the 'Publisher could not be verified' Security warning where you have to click Run or Cancel ('This file does not have a valid digital signature etc')

    I've set the group policy to allow apps to run on the Intranet zone but it still happens. is there anything else I can do to stop this message appearing when running an application across a dfs share?

  2. #2
    carvjo's Avatar
    Join Date
    Mar 2010
    Location
    Oxford
    Posts
    195
    Thank Post
    12
    Thanked 39 Times in 34 Posts
    Rep Power
    21
    Looks like you have done what I've seen suggested:

    Group Policies: User Configuration - Administrative Templates - Windows Components - Attachment
    Manager

    Add "*.exe" to the "Inclusion list for **moderate** risk file types" setting.

    I've also seen this suggested:

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\Associations]
    "LowRiskFileTypes"=".exe

  3. #3

    Join Date
    Mar 2007
    Posts
    421
    Thank Post
    14
    Thanked 16 Times in 10 Posts
    Rep Power
    19
    Hmm, I haven't changed the Attachment management in any policies.

    After a little tinkering I've changed the group policy settings that Automatically detect intranet and also manually added the domain name into the Intranet Zones (sites to zones assignment list) and it seems to have worked.

    Odd behaviour as the problem didn't occur when running the apps from the original shares (which they effectively still are!)

  4. #4

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115
    That makes sense to me. To fix that or something similar (it's been a while) I've long been throwing these straight into the Trusted Zone: servername (NetBIOS), servername.example.com, *.example.com. In principle the second one is redundant because of the third one which I'm fairly sure I added for DFS shares (that wildcard does, or at least did, cover "\\example.com\..").

    One of those "seems to work, I'll go back test it properly and then do it with more finesse, on a rainy day" things.

  5. #5

    Join Date
    Jun 2010
    Location
    Yukon, Oklahoma, USA
    Posts
    7
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Thanks for the info Carvjo, was a snap to deploy via ZenWorks and GPO settings. Now I can freely run .bat files for software installations, registry changes, etc.

SHARE:
+ Post New Thread

Similar Threads

  1. Access Denied to DFS Share
    By CHR1S in forum Windows Server 2000/2003
    Replies: 1
    Last Post: 22nd June 2010, 04:25 PM
  2. Running .exes from a network share
    By matt40k in forum Scripts
    Replies: 5
    Last Post: 6th August 2009, 06:38 PM
  3. Running script from share - shortcut?
    By reggiep in forum Mac
    Replies: 0
    Last Post: 17th March 2009, 12:48 PM
  4. Running Open Office from a network Share?
    By Kyle in forum General Chat
    Replies: 5
    Last Post: 9th November 2007, 11:43 AM
  5. Running Office 2007 from a network Share
    By BKGarry in forum Wireless Networks
    Replies: 15
    Last Post: 6th February 2007, 09:59 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •