Unknown Publisher

Alloy Network Inventory is a comprehensive, budget-friendly, easy-to-deploy network inventory solution that provides you with accurate and up-to-date information from every computer on your network.
 

Unknown Publisher

Postby jshenn on Mon Mar 12, 2007 11:21 am

Back in December, we disabled our Alloy Inventory Group Policy Object in an effort to troubleshoot slow logon performance. Now that we have that issue behind us, we have enabled the Inventory GPO again.

The audits are working just fine except for the fact that when they run, the user is prompted with a message box indicating that the "publisher could not be verified". They can click on Run and the inventory completes fine.

I would like to get rid of the box so that the inventory is truely silent.
jshenn
Newbie
 
Posts: 1
Joined: Mon Mar 12, 2007 10:18 am

Postby pille on Tue Mar 13, 2007 9:36 am

This can happen with XP SP2. See the kb article below:

=========================================================

Security warning 'The publisher could not be verified' on XP SP2
--------------------------------------------------------------------------------
ID: KB000022 Modified: 3/13/2007 9:34:38 AM Version: 2.1
--------------------------------------------------------------------------------

SYMPTOMS
When trying to run an application from a shared network folder, you received the following prompt and would like to disable it:

"The publisher could not be verified. Are you sure you want to run this software?"

SUMMARY
This is a function of the Attachment Execution Service presented in Internet Explorer Enhanced Security which is enabled on Windows XP Service Pack 2, Windows 2003 and higher by default.

This article is only intended to provide a workaround for the problem that is described in the Symptoms section. For more information regarding potential Internet Explorer Enhanced Security issues, refer to the MS KB article shown in the References section.

MORE INFORMATION
Internet Explorer Enhanced Security Configuration establishes security settings that reduce the exposure of your Windows host to potential attacks that can occur through Web content and application scripts.
This enhanced level of security can prevent Web sites from displaying correctly in Internet Explorer and can restrict access to network resources, such as files on Universal Naming Convention (UNC) shared folders.

WORKAROUNDS
Note that the first workaround should be preferred as it is highly configurable and does not open security issues.

I. Add your network shares to the Local intranet security zone.
1. Open Microsoft Internet Explorer.
2. Click Tools, and then click Internet Options.
3. In the Security tab, highlight "Local intranet", click Sites button.
4. Add the network shares you want the prompt to be disabled for to the list.
5. Uncheck "Require server verification (https:) for all sites in this zone" and click Close.
6. Click Close.
7. In some cases you may need to reboot the server.

II. Configure "Inclusion list for low file types" group policy
1. Logon to the machine as administrator.
2. Click Start, Run, type "gpedit.msc" in the text box, and click OK.
3. Locate the following group policy: [User Configuration > Administrative Templates > Windows Components > Attachment Manager > Inclusion list for low file types].
4. Click Enabled and enter the file types you don't want to be warned about in the box (for example: .exe).
5. Click Ok and close the group policy editor window

REFERENCES
For more information, visit the following Microsoft Web site:
http://support.microsoft.com/?id=815141
Contact Technical Services directly:
support@alloy-software.com
http://support.alloy-software.com

Paul Ille
Alloy Software
Maximize your IT Universe
Follow us on Twitter: http://twitter.com/alloysoftware
Image
User avatar
pille
Alloy Software
 
Posts: 473
Joined: Thu Aug 11, 2005 3:11 pm
Location: New Jersey, USA


Return to Alloy Network Inventory 4

Who is online

Users browsing this forum: No registered users and 1 guest

cron