Application does not run for domain admins

Solution 1:

You can monitor what the program is doing using a special diagnostic tool called Process Monitor from Microsoft, and from there potentially determine what is not working.

https://technet.microsoft.com/en-us/sysinternals/processmonitor.aspx

I've used this tool from Mark Russinovich for probably 12-15 years now, when dealing with user rights problems trying to run cruddy old Windows 3.1 / 95 / 98 programs that demand excessive file/registry permissions on NTFS and Windows 2000, XP, and then Windows 7 with UAC.

Though be warned, this tool spews thousands of lines of status data from every running system program when you launch it, so it is often helpful to go down the list and exclude nearly every other running program it detects that you don't care about, before actually running the program you do want to test.

Ref, my own post on SysInternals about this: http://forum.sysinternals.com/exclude-all-processes-currently-in-filter_topic27483.html

The difficulty is not overexcluding to the point that you are missing messages that you told it to suppress from other running system programs, but not also being swamped with thousands of lines of irrelevant logging data.

Explicitly ignoring all "SUCCESS" messages may also help you find errors more easily. Though this is a very advanced tool, and some things it reports are not really serious errors, such as "REPARSE" or "END OF FILE", so it can be difficult to decipher the output from it, and it may possibly not help you at all if you can't figure out how to read its logging output.

Solution 2:

I was able to solve the issue following the steps below

Turn off UAC

Created standard user shippinguser in AD

added domain/shippinguser as a local admin on shippingpc

added shippinguser password to stored credentials.

created shortcut:

%systemroot%\system32\runas.exe /user:domain\shippinguser /savecred "C:\Program Files (x86)\ConnectShip\Progistics\CSW\ShippingApplication\CSWShipping.exe"

Put shortcut all users desktop on mm-dt-ship01

The short will launch CSWShipping.exe as local admin on the computer using domain\shippinguser

When the users double clicks the shortcut they may be prompted for a password.

The user will only have to enter the password once.

I have set the GPO to deny logon locally for this user on any PC under the domain.

Solution 3:

I'd never heard of this software, so I googled it. Unfortunately, in my experience some of these specialized software packages for very specific markets... well.

The actual error message is a .NET framework error: An exception was thrown by a type's initializer. That could be a lot of things, but I'm going to guess that those users don't have permissions to access a needed assembly (but local administrators do).

Your choices are looking for related files and granting the user running the application privileges on those files, or granting local admin rights to that user. Since you granted the directory to everyone, maybe the app put something in Windows (or another directory).

Good luck!

Tags:

Windows 7

Related

What causes a workstation to lose trust with the domain controller? I changed my TTL from 24 hours to 5 minutes. Do I need to wait 24 hours before changing the records? What is the use of ProxyPassReverse Directive How can I use PowerShell to enable NTFS compression, in place, on log files older than x days? "No protocol handler valid for the URL" with httpd mod_proxy_balancer Let's Encrypt SSL Certificate File Not Found Error, but still working How can I set the root password in a docker container from a script? /dev/centos/root does not exist after migrating CentOS7 from vmware to Xen chmod not working correctly in Docker Determining LTO 5 Tape Expiration? Get-ADGroupMember $Group fails when $Group contains principals from other domains How to shrink /home and add more space on CentOS7

Recent Posts