January 9, 2009 03:34am pst

1. RobWill 2,500
2. richrumble 2,375
3. xuserx2... 2,000
3. DaveHowe 2,000
3. CoccoBill 2,000
3. tigermatt 2,000
3. rikke_vp 2,000
3. dstewartjr 2,000
3. richardsk... 2,000
3. Krys_K 2,000
3. takendown 2,000
3. servoadmin 2,000
3. MightySW 2,000
14. Americom 1,500
14. abhvp 1,500
14. RohitBagchi 1,500
17. dandmantra 1,240
18. SethBartlett 1,200
19. gamma1... 1,000
19. dariusg 1,000
21. memed77 900
22. Admin3k 800
23. snoopfrogg 750
24. toniur 645
25. dhoffman... 600

1. richrumble 678,636
2. r-k 434,278
3. Sheharya... 354,618
4. oBdA 302,887
5. trywaredk 297,335
6. war1 293,536
7. gidds99 268,792
8. rpggamer... 265,383
9. Phil_Agc... 244,228
10. KCTS 207,246
11. toniur 206,204
12. sirbounty 191,193
13. CoccoBill 185,019
14. PeteLong 156,654
15. sunray_... 146,627
16. bbao 128,170
17. McKnife 128,063
18. johnb6767 124,704
19. Jay_Jay70 118,090
20. leew 101,811
21. mdiglio 97,751
22. PowerIT 96,084
23. LauraEHu... 86,650
24. younghv 85,600
25. rindi 85,261

08.10.2008 at 11:02PM PDT, ID: 23637009

	[x] Attachment Details

Software Restriction Policies restricting access to unrestricted System and Program Files

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

8.0

Zones:

Windows Network Security, Windows XP Operating System, Active Directory

Tags:

Microsoft, Windows, XP SP2, Access to C:\Program Files\TRIM Context\TRIMwatcher.exe has been restricted by your Administrator by the default software restriction policy level.

Windows XP SP2
Windows 2003 AD
Windows 2003 x64 SP2 DC's

Hi All,
We have been running Software Restriction Policies through Group Policy for a few years now on our Windows XP SP2 workstations with no issues.

We are now seeing the following Event Log errors on random workstations throught the organisation. Each Application Event has a corresponding System Event logged in the Event Viewer as shown below:

Application Event Log
Source: Software Restriction Policies
Event ID: 865
Access to C:\WINDOWS\system32\wbem\wmiprvse.exe has been restricted by your Administrator by the default software restriction policy level.

System Event Log
Source: DCOM
Event ID: 10000
Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error:
"Windows cannot open this program because it has been prevented by a software restriction policy. For more information, open Event Viewer or contact your system administrator. "
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding

Application Event Log
Source: Software Restriction Policies
Event ID: 865
Access to C:\WINDOWS\system32\DfrgNtfs.exe has been restricted by your Administrator by the default software restriction policy level.

System Event Log
Source: DCOM
Event ID: 10000
Unable to start a DCOM Server: {80EE4901-33A8-11D1-A213-0080C88593A5}. The error:
"Windows cannot open this program because it has been prevented by a software restriction policy. For more information, open Event Viewer or contact your system administrator. "
Happened while starting this command:
DfrgNtfs.exe -Embedding

Also this problem is causing an issue with one of our core applications as you can see below:

Application Event Log
Source: Software Restriction Policies
Event ID: 865
Access to C:\Program Files\TRIM Context\TRIMwatcher.exe has been restricted by your Administrator by the default software restriction policy level.

The software Restriction policy is set to "Disallowed" and therefore he following entries are added to the Additional Rules by default
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%*.exe
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%System32\*.exe
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir%

These rules above should allow all applications in System and Program the ability to run.
Any Ideas plz?

#	Title
1	x64 Vista show only 3.25GB of r…
2	can not create a file under \window…
3	DCOM Event 10015
4	DCOM Server error
5	DCOM/COM App
6	Group policy best practice.