Problem
APPLIES to LDMS 9.6
LANDESK has identified an issue where on a Windows 8.x system some metro apps may no longer launch correctly after installing LDMS 9.6 on the client. After the agent is installed and a user tries a metro application you might see the application crash and throw a message in the windows event viewer similar to this:
Log Name: Application
Source: Microsoft-Windows-Immersive-Shell
Date: 01/05/2015 8:28:20 AM
Event ID: 5973
Task Category: (5973)
Level: Error
Keywords:
User: DOMAIN/USER
Computer: COMPUTERNAME
Description:
Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: Access is denied. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Immersive-Shell" Guid="{315A8872-923E-4EA2-9889-33CD4754BF64}" />
<EventID>5973</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>5973</Task>
<Opcode>0</Opcode>
<Keywords>0x2000000000000000</Keywords>
<TimeCreated SystemTime="2015-01-05 T15:28:20.038953300Z" />
<EventRecordID>58293</EventRecordID>
<Correlation />
<Execution ProcessID="13464" ThreadID="15564" />
<Channel>Application</Channel>
<Computer>COMPUTERNAME</Computer>
<Security UserID="SID" />
</System>
<EventData>
<Data Name="AppId">Microsoft.SkypeApp_kzf8qxf38zg5c!App</Data>
<Data Name="ErrorCode">-2147024891</Data>
</EventData>
</Event>
From the TWINUI Log
Log Name: Microsoft-Windows-TWinUI/Operational
Source: Microsoft-Windows-Immersive-Shell
Date: 01/05/2015 8:28:20 AM
Event ID: 5961
Task Category: (5961)
Level: Error
Keywords:
User:DOMAIN/USER
Computer: COMPUTERNAME
Description:
Activation of the app Microsoft.SkypeApp_kzf8qxf38zg5c!App for the Windows.Launch contract failed with error: Access is denied..
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Immersive-Shell" Guid="{315A8872-923E-4EA2-9889-33CD4754BF64}" />
<EventID>5961</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>5961</Task>
<Opcode>0</Opcode>
<Keywords>0x4000000000000000</Keywords>
<TimeCreated SystemTime="2015-01-05T15:28:20.038953300Z" />
<EventRecordID>15157</EventRecordID>
<Correlation />
<Execution ProcessID="13464" ThreadID="15564" />
<Channel>Microsoft-Windows-TWinUI/Operational</Channel>
<Computer>ComputerName</Computer>
<Security UserID="SID" />
</System>
<EventData>
<Data Name="AppId">Microsoft.SkypeApp_kzf8qxf38zg5c!App</Data>
<Data Name="ContractId">Windows.Launch</Data>
<Data Name="ErrorCode">-2147024891</Data>
</EventData>
</Event>
Cause
Registry and or file system permissions may have been changed from their defaults.
Solution
The fix to issue is a two part solution preventing/fixing the systems so they are no longer breaking and then repairing a broken system.
Part One: Stop new systems from breaking and repaired systems from becoming broken again.
Install LDMS 9.6 SP1 to the core and agents
Or
Patch the LDMS 9.6 Core with VUL ID: LD-236875-96
Once you apply this patch to the core the next time Vulscan runs (security and patch manager) on the client side file(softmon) should be auto updated( if you have configured your client systems to run security scans with the /NoUpdate (manual step) you will need to run the client patch or client vulnerability associated with this).
Neither applying SP1 or patch 236875-96 to a client will repair already broken systems. In order to repair systems in a broken state please proceed to part two.
Part Two: Repairing broken systems
The second part is the repair of the broken system.
To repair either LDMS 9.6 or LDMS 9.6 SP1(agent upgraded) agents you need to download and run Vul ID: Fix_Permissions_in_registry_for_Items_under_CLSID. against all detected machines. This vulnerability ID is located in the LANDESK updates section of patch and compliance this is available for all LANDESK customers.
This needs to be ran on the client systems that broken, since this is a patch definition you can repair these systems using the repair method of your choice or set the patch to autofix. We have added a verbose logging switch to this so everything we find and repair with this definition will be outputted the vulscan log for your review.
Note:
Depending on size of registry and speed of machine this definition might take some time to complete( in testing we averaged 7 minutes).This might appear to be hung and you will see nothing being written to the vulscan log, please let vulscan run as powershell logs everything at the end of the job.
For more information on using the Patch and Compliance tool please see:
LANDESK 9.6 Help - Patch and Compliance