79
45
When attempting to install a Microsoft-signed ClickOnce application, an error appears stating "Your administrator has blocked this application because it potentially poses a security risk to your computer" and "Your security settings do not allow this application to be installed on your computer".
As the administrator who would have set said policies, I cannot for the life of me figure out why this is being blocked for just one user and not other users whose PCs are based off the same image and why it works for other users who should be enjoying the same privileges as the user who is receiving the following message. Note that the exact same domain group policies are applied to this user that is experiencing the error and to users who are not receiving the error.
Even attempting to run the application "as an administrator" does not solve the issue. The event logs show no errors, and I cannot otherwise find any logs to help diagnose the issue.
What local policies or settings would allow or deny this application?
It requires Internet or Intranet Zone (Full Trust for CD-ROM installation) according to https://msdn.microsoft.com/en-us/library/142dbbz4(v=vs.90).aspx
– None – 2017-09-21T19:43:03.210This warning happening on a single user's machine or are multiple user's across multiple machines, having this problem? – Ramhound – 2017-09-21T22:12:22.987
I noted, though possibly not quite clearly, in the original question that it was being blocked for 'just one user'. – Beems – 2017-09-22T18:49:32.607
This seems like a big problem (34,438 views). How can I stop this from happening on another person's computer if I'm a developer? This problem arose from making programs in Visual Studio and trying to run the Setup.exe for my program. – Daniel – 2018-07-31T12:43:34.223
@Daniel If your application doesn't require escalation, you can try to set the registry value under HKCU instead:
HKCU\SOFTWARE\MICROSOFT\.NETFramework\Security\TrustManager\PromptingLevel\Internet
toEnabled
(Full disclosure: I've not tested this). Otherwise, if that does not work, you can try to include an escalatable process that will set it under HKLM – Beems – 2018-08-01T13:19:38.653