Power Hungry
Mon, December 14th, 2020, 01:34 PM
Hey folks! Discovered a new issue regarding how Microsoft handles security settings for ClickOnce application installations.
In most cases, this is not an issue. After all, the ClickOnce application installation is a Microsoft designed delivery process, so it's odd that it would have issues regarding permissions. However, on some corporate machines or certain user account installations, there may be some more restrictive security policies which cause this issue. So let's investigate the issue and how to fix it.
The Error:
When attempting to install HydraFlash, you may get an error that states "Your administrator has blocked this application because it potentially poses a security risk to your computer" combined with "Your security settings do not allow this application to be installed on your computer".
This is caused by the "ClickOnce Trust Prompt Behavior". This is a restricted policy setting related to the "ClickOnce" application deployment process. While annoying, it can be easily corrected. (See the following for reference... https://msdn.microsoft.com/en-us/library/ee308453.aspx)
The Solution:
To adjust this, simply change the values in the Registry and you should be able to install the application. As always, changes to the registry must be handled with caution. Make sure you understand exactly which registry keys you are modifying before making any changes.
Now, to enable the ClickOnce trust prompt by using the Registry Editor:
Click Start, and then click [Run], or press [Window Key] + [R].
In the Open box, type "regedit", and then click [OK].
Locate the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\.NETFramewor k\Security\TrustManager\PromptingLevel
If the key does not exist, create it.
Add the following subkeys as String Values, if they do not already exist, with the associated values shown in the following table.
Internet - Enabled
LocalIntranet - Enabled
MyComputer - Enabled
TrustedSites - Enabled
UntrustedSited - Disabled
These are the default values for the associated keys. If these values exist but they don't match (Disabled instead of Enabled), it's possible that an installed application or your system administrator may have changed them to protect the system. Setting these values back to their defaults should correct the issue.
Alternatively, if you have no other settings in the HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\.NETFramewor k\Security\TrustManager\ aside from the PromptingLevel\ key, you can actually delete the TrustManager\ key altogether and everything will work normally.
If this does not resolve the issue, please contact Power Hungry Performance and we'll be happy to investigate this further.
Good luck and take care.
In most cases, this is not an issue. After all, the ClickOnce application installation is a Microsoft designed delivery process, so it's odd that it would have issues regarding permissions. However, on some corporate machines or certain user account installations, there may be some more restrictive security policies which cause this issue. So let's investigate the issue and how to fix it.
The Error:
When attempting to install HydraFlash, you may get an error that states "Your administrator has blocked this application because it potentially poses a security risk to your computer" combined with "Your security settings do not allow this application to be installed on your computer".
This is caused by the "ClickOnce Trust Prompt Behavior". This is a restricted policy setting related to the "ClickOnce" application deployment process. While annoying, it can be easily corrected. (See the following for reference... https://msdn.microsoft.com/en-us/library/ee308453.aspx)
The Solution:
To adjust this, simply change the values in the Registry and you should be able to install the application. As always, changes to the registry must be handled with caution. Make sure you understand exactly which registry keys you are modifying before making any changes.
Now, to enable the ClickOnce trust prompt by using the Registry Editor:
Click Start, and then click [Run], or press [Window Key] + [R].
In the Open box, type "regedit", and then click [OK].
Locate the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\.NETFramewor k\Security\TrustManager\PromptingLevel
If the key does not exist, create it.
Add the following subkeys as String Values, if they do not already exist, with the associated values shown in the following table.
Internet - Enabled
LocalIntranet - Enabled
MyComputer - Enabled
TrustedSites - Enabled
UntrustedSited - Disabled
These are the default values for the associated keys. If these values exist but they don't match (Disabled instead of Enabled), it's possible that an installed application or your system administrator may have changed them to protect the system. Setting these values back to their defaults should correct the issue.
Alternatively, if you have no other settings in the HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\.NETFramewor k\Security\TrustManager\ aside from the PromptingLevel\ key, you can actually delete the TrustManager\ key altogether and everything will work normally.
If this does not resolve the issue, please contact Power Hungry Performance and we'll be happy to investigate this further.
Good luck and take care.