We're using Easymorph on a couple of PC's and have previously installed the application in the C:/Program Files/ folder rather than Users/usrname/AppData/Local because we're not allow to run exe-files from outside of the Program Files due to internal company policy.
This was worked before, but now for a new installation on a new PC, we're getting an error when running the application after install.
Cannot create "C:\Users<username>\AppData\Local\EasyMorph" because a file or directory with the same name already exists.
Most likely, the user who runs EasyMorph doesn’t have enough permissions to check if the C:\Users\<username>\AppData\Local\EasyMorph folder exists. Unfortunately, from EasyMorph’s side, it looks like the folder doesn’t exist. So EasyMorph tries to create that folder which leads to an error.
I haven’t been able to replicate this error on my side, though.
It’s expected that a user has full access to the C:\Users\<username>\AppData\Local\EasyMorph folder. Is it possible for you to change permissions for that folder?
Seems odd.
We should have read / write permissions to the AppData\Local folder, but for some reason it isn’t working.
It’s a global corporate policy so it’s unfortunately not an option to change the current set up.
The issue is that our corporate is utilizing Microsoft AppLocker to prevent non-whitelisted applications to run from anywhere outside of the C:\Program Files\ directory.
So for EasyMorph to be able to run from userfolder\AppData\Local where it defaults to run it has to be whitelisted.
This can be done though:
File hash
Path condition
Publisher certificate
The last is prefered, but it does not seem like EasyMorph is digitally signed - correct?
Second best option is path condition since file hash will have to be updated for every subsequent release of EasyMorph.
What is your recommendations for whitelisting your application?
Input here is greatly appreciated.
We will add signing with a publisher certificate. EasyMorph installer is already signed with a certificate. We’ll extend signing to the executable as well.
Internal deployment is working now, but when the silent install has finished, there’s no trace of EasyMorph on the machine.
Meaning that there’s no start menu icon, desktop icon etc. It also does not show up in a start menu search.
I can find the application in the installation path (C:\Program Files\EasyMorpH in this case) but is there a way to force the start menu icon for the current (or all) user(s)?
Two things to look into, maybe: setup creates icons (links) for the user that's executing this cmdlet; make sure that users match. Second, if I'm not missing something, Execute-Process is not a standard powershell cmdlet, maybe it's implemented in some way that interferes with normal setup process.
