Packages Assigned to Computers with Group Policy Are Not Installed (278472)


The information in this article applies to:

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional
This article was previously published under Q278472

SYMPTOMS

You can use Windows 2000 Group Policy objects (GPOs) to assign .msi packages to a group of Windows 2000 Professional-based workstations based on their membership in an organizational unit. When a workstation is rebooted and the computer policies are applied, the assigned programs may not be installed and the following error messages may be logged in the Application event log on the Windows 2000 Professional-based workstation:
Source: UserEnv
Event ID 1000
The Group Policy client-side extension Application Management was passed flags (1) and returned a failure status code of (1612).

Source: Application Management
Event ID 108
Failed to apply changes to software installation settings. Software changes could not be applied. A previous log entry with details should exist. The error was The installation source for this product is not available. Verify that the source exists and that you can access it.

Source: Application Management
Event ID 303
The removal of the assignment of application "Package Name" from policy "Policy Name" succeeded.

Source: Application Management
Event ID 102
The install of application "Package Name" from policy "Policy Name" failed. The error was The installation source for this product is not available. Verify that the source exists and that you can access it.

CAUSE

The machine account for the workstation does not have permissions to the share or file system that holds the source files for the package. When a workstation runs Group Policy, it does so in the context of the machine system account for the workstation.

RESOLUTION

Confirm that the machine account for the workstation that is applying Group Policy has at least Read access to the source files for the package that is assigned with Group Policy. You can do this by assigning permissions directly to the machine accounts, or by assigning permissions to a Security group, such as the Domain Computers or Authenticated Users group that contains the machine account.

If the source files are located on a Distributed File System (DFS) share, confirm that the machine account has sufficient NTFS and share permissions on all root replicas of the DFS root, and on all replica shares of the DFS link.

STATUS

This behavior is by design

MORE INFORMATION

For additional information about configuring DFS in Windows 2000, click the article numbers below to view the articles in the Microsoft Knowledge Base:

241452 How to Install Distributed File System (Dfs) on Windows 2000

234582 Publishing a Shared Folder in Windows 2000 Active Directory

274274 Machine Assigned Applications Cannot Be Deployed from Shares in Different Forests

For more information about assigning a program with Group Policy, see the Windows 2000 Help.
Modification Type:MajorLast Reviewed:11/20/2003
Keywords:kbDFS kbGPO kbprb KB278472
©2003 Microsoft Corporation. All rights reserved.