Forum Discussion
Ms Teams under restricted domain User
Hi All,
I have windows server 2016 and I have applied a User software restriction rule,
and I allowed the program files and teams path
then I pushed Team with MSI to all PCs
but on the Domain user, the teams start to be installed again and because of the restriction it gets blocked
is there any way that I allow the teams installation and start on Domain user
as it works normally on local Admin
thanks
6 Replies
AhmedG130 Teams installs and runs from a folder in the userprofile, the machine wide installer you deployed just sets up the machines so it installs into the users profile as they log on.
To use an ARP or AppLocker policy you'll need to trust the publishers certificate.
Hi Steven,
correct me if I am wrong
i did the following
exported Teams Certificate and in Additional Rule, i created a new Certificate Rule unrestricted and added the Certificate i exported earlier
then in
User Configuration >windows settings>software restriction policies
in Trusted Publishers
i defined the policy settings to Allow all admin. and users to manage user own trusted publishers
and marked the two other options for any revoke
still the installer on the domain user didn't start
and when i try to do it manually from that user " failed to extract installer "
- Hi Again
I have found the solution
is to unrestrict the SquirrelTemp folder
now teams is working fine and updated correctly
- When you say "program files" and "teams path", can you clarify what those both are? When you installed Teams, what switches did you apply?
Hi Jangliss
I mean first I've created "software restriction policies" in
User Configuration >windows settings>software restriction policies
with Security levels > disallowed
in additional Rules, i added some Paths for " windows Program Files both versions and AppData Teams Folder
but still on domain user Teams doesn't initiate the wide installer
and say when i try to do it manually from that user " failed to extract installer "
