Losing server.policy settings

Hi,
I am using Sun ONE 8.1 EE on Solaris.
My application needs an entry in config/server.policy (a secuirty provider is available). Once added the application works.
However, stopping and starting the instance will lose the change and go back to the origianl one.
Any ideas how to deal with this?
Thanks
Rakesh

You have to change server.policy in the DAS (Domain Admin Server) configuation directory and then restart the instances. For example, if your domain is called "domain1" and it is in the directory /var/opt/SUNWappserver/domains, then you should make changes to /var/opt/SUNWappserver/domains/domain1/config/server.policy file
From 8.1 EE, configuration for all instances is stored in the DAS. At every restart, instances get the latest configuration from DAS and cache it. Making any changes to the configuration files stored in the cache does not help because it is overwritten by the files in DAS the next time instance is restarted.
For a graphical explanation of this, see figure 4-1 at http://docs.sun.com/source/819-0215/nodeagent.html

Similar Messages

  • Issue with UAG/TMG communication to published SharePoint application is blocked by access policy settings

    We have a UAG/TMG server set up with SharePoint published. The UAG is also doing load balancing for the SharePoint farm. We have an MDM application that is trying to connect to our SharePoint but our SharePoint is routed through the UAG. The MDM application
    does not need to be published neither is there any component that can be accessed directly by end users. It is more of a proxy to relay content to mobile devices. It is using 443 and two other secondary ports.
    On the TMG logs, we can see requests hitting the TMG over port 443 from the MDM application server. We can also see that it is trying to be routed to our SharePoint but we get the following error in the TMG log:
    “Filter information: A request from source IP address xx.xx.xx.xx, user to trunk portal; Secure=1 for application SharePoint of type SharePoint15 failed. The endpoint device does not comply with access policy settings ([%PolicyId%]) for session [%SessionId]”
    The source IP is the internal IP of the host running the MDM application. In the UAG side, under the SharePoint publishing rule, for Access Policy Settings we have tried selecting the 'Always' option but that had no effect. It appears like there is a policy
    blocking communication to SharePoint. Does anyone have a suggestion on which policy or where the policy that is controlling this is located so that we can try to resolve this issue? Thanks.

    Looking at the UAG Web Monitor, it says that the access policy is 'Hybrid_Default_Session_Access' and the URL is /_vti_bin/Webs.asmx. 
    We can't find a 'Hybrid Default Session Access' policy. In the Endpoint Policy Settings tab, we tried using 'Always' for the Access Policy for the published SharePoint application but that did not make any difference. 

  • Any applicable\recommended Group Policy settings (Local & Domain) for configuring windows 8.1 "gold master image" for collection

    Happy Friday everybody -
    I'm working on implementing Microsoft RDS 2012\VDI for the folks here at work.  I've read - online - a lot of articles on VDI and RDS 2012 - and have a working model that is working somewhat satisfactorily.  I haven't seen much online about steps
    I could take in Local Group Policy on my Windows 8.1 'gold image' - or for that matter Domain level group policy - that can assist in creating a better, more reliable/robust Windows 2012 VDI environment.
    Anybody out there got any information or opinions or advice on Group Policy settings for VDI environments?
    Thanks again, everyone!
    Adrian
    anr

    Hi Adrian,
    Thank you for posting in Windows Server Forum.
    In regards to your issue you can refer beneath article for detail information.
    1. Group Policy Best Practices for VDI Environments
    2.Some Basic Group Policy Settings for VDI
    Hope it helps!
    Thanks.
    Dharmesh Solanki

  • GPO for Print Server Security settings?

    Hi forum,
    I am setting up a specific OU for print servers and have a GPO assigned to this.
    As we need to apply certain roles to some AD groups we have a need to reflect this to the Print Server Security settings so it gets reflected to the print queues.
    Has anyone found a way to have a GPO to alter the Security settings under the Print Server porperties?
    Thanks,
    David

    Hi David,
    Based on your description, did you mean that want to configure permission of a Print Server via group policy?
    It seems that the target can’t be achieved via group policy. However, you may be able to add some security groups to print servers by using Windows PowerShell. For more details, please refer to following article and check if can help you.
    Weekend
    Scripter: Add Security Groups to Print Servers by Using PowerShell
    If anything I misunderstand or any update, please don’t hesitate to let me know.
    Hope this helps.
    Best regards,
    Justin Gu

  • No policy settings on certificate authority console

    Greetings,
    The microsoft article discussing windows server 2000 under the heading "Configuration of Certificates to Be Issued" in the third paragraph talks about right clicking the Policy settings node under the certificate authority.  When look on the
    certificate authority, I do not see a Policy settings node to right click on.
    Not that I am running Small Business Server 2011 if it makes a difference.  Also, when I click request new certificate on the certificate (local computer) personal\certificates node, I get only three certificate types whose status is available.  All
    other ones (including the web server template) show as status unavailable.
    How can I get the other templates.  I looked at their permissions using the active directory sites and services under services/public key services/certificate templates but the permission already allow the currently logged on userid.
    Your help is much appreciated

    Hi Mario,
    The article you mentioned applies to Windows Server 2000, on my Windows Server 2008 R2, there is no Policy Settings node, too.
    Instead, there is a
    Certificate Templates node under the CA name, you can right click on it, select
    New then click on Certificate Template
    to issue, after that you can enable new certificate templates.
    I hope this helps.
    Amy Wang

  • Server.policy seems to be a problem for many libraries.

    I'm trying to play around with an app written with DWR and Hibernate, and the server.policy is getting in the way. I understand the reasons for it, but there should be (in my opinion) an easy way for one of two things to happen:
    1) Turn off security altogether, assuming that the environment is "trusted." Most of the servers I've worked with that support security have an option for this; see Websphere, for example, which has a checkbox for security to be on or off.
    2) Specify security policies in a server log that would relate the the security exception. For example, on a violation, the server might generate a log that says "for the error at 8/28/2005 @ 10:04 a.m., the security policy 'grant { ... }' would fulfill the requirements."
    For libraries that rely on their own reflection capabilities, etc., this sort of thing would be drastically useful, moreso than requiring admins to find out exactly where in their filesystems a given jar is deployed so they can fiddle with security settings, hoping they got the right ones (and enough of them.)

    For the first part of your post, please see http://docs.sun.com/source/819-0076/jvm.html#wp1031405
    Steps copied from the above link --
    To disable the security manager:
    Go to the JVM Options page of the Admin Console.
    For instructions, see Configuring the JVM Options.
    On the JVM Options page, remove this option:
    -Djava.security.policy
    Click Save.
    Restart the server.
    Hope this helps.

  • E6-00 Error mandatory server policy failed access ...

    Hello
    We just got a new E6-00 and wanted to connect it to our Exchange 2007 Servers using Mail for Exchange and Activesync.
    We get the error "mandatory server policy failed access refused". E72 Nokia work with the same Activesync policy and E7-00 also. We have in the policy the setting that the device must be encrypted and I think this causes the error.
    Does somebody know what can be done to get the E6-00 to connect, without changing the Activesync Policy?
    Thank you for your answers.
    regards
    d
    r

    Hi, Even same isue being observed in E7-00(RM-626) with updated mail for exchange 3.0; but this time now admin_log.txt shows some more help regarding failure.
    "04/12/2011 19:46:00 Policy Update: Partial failure
    04/12/2011 19:46:00 Policy status 2
    04/12/2011 19:46:00 Refused exchange access.
    04/12/2011 19:46:00 Policy Update: This device is unable to implement all requested 04/12/2011 19:46:00 password policies. Your Exchange Server's 'Device Security'
    04/12/2011 19:46:00 settings are currently configured to disallow access
    04/12/2011 19:46:00 from any device that can't support all password policies.
    04/12/2011 19:46:00 Contact your Exchange Administrator.
    04/12/2011 19:46:00 ProcessStatusResponse LEAVE error=-15017
    04/12/2011 19:46:00 CEasCmdHandler:oRunL - Main state machine. PreviousMainState = 8.CurrentMainState = 3. CurrentPolicyState =2.Error =-15017"
    so we can approch exchnage server administrator for help and provide little lenecy for configuring mail on E7 handset. i have tried similar connection on iphone and android its working, i am attaching snapshot of android handset procedure which shows server policy downloaded from the GW server. this may help coder for resolution and make nokia suceed in CBA for mail for exchnage.
    complete log attached for reference.
    04/12/2011 19:40:37 Profile Updated
    04/12/2011 19:45:38 Connected to connection method named Vodafone Mobile Connect with type Packet Data
    04/12/2011 19:45:44 HTTP error code=449
    04/12/2011 19:45:44 Policy Update: The Exchange Server has new Policy information. 04/12/2011 19:45:44 Policy Update: Requesting Policy.
    04/12/2011 19:45:44 Server Protocol Version for provisioning is 4
    04/12/2011 19:45:44 Ready to process policy response
    04/12/2011 19:45:45 Continue Processing elements
    04/12/2011 19:45:45 The following policies are not relevant to our phone
    04/12/2011 19:45:45 Policy PasswordRecoveryEnabled = 0
    04/12/2011 19:45:45 Policy AllowIrDA = 1
    04/12/2011 19:45:45 Policy AllowRemoteDesktop = 1
    04/12/2011 19:45:45 Policy MaxEmailHTMLBodyTruncationSize = -1
    04/12/2011 19:45:46 Policy AllowSMIMESoftCerts = 1
    04/12/2011 19:45:46 Policy AllowSMIMEEncryptionAlgorithmNegotiation = 2
    04/12/2011 19:45:46 Policy AllowDesktopSync = 1
    04/12/2011 19:45:46 Policy Approved Application List
    04/12/2011 19:45:46 Policy Unapproved Application List
    04/12/2011 19:45:46 End of not relevant policies section
    04/12/2011 19:45:46 Version 12.0 policies
    04/12/2011 19:45:46 Policy DevicePasswordEnabled = 1
    04/12/2011 19:45:46 Policy RequireStorageCardEncryption = 1
    04/12/2011 19:45:46 Policy RequireDeviceEncryption = 1
    04/12/2011 19:45:46 Policy AlphanumericDevicePasswordRequired = 0
    04/12/2011 19:45:46 Policy AttachmentsEnabled = 1
    04/12/2011 19:45:46 Policy AllowSimpleDevicePassword = 1
    04/12/2011 19:45:46 Policy MinPasswordLength =4
    04/12/2011 19:45:46 Policy MaxInactivityTimeDeviceLock = 1800
    04/12/2011 19:45:46 Policy MaxDevicePasswordFailedAttempts = 5
    04/12/2011 19:45:46 Policy MaxAttachmentSize = -1
    04/12/2011 19:45:46 Policy DevicePasswordExpiration = -1
    04/12/2011 19:45:46 Policy DevicePasswordHistory = 0
    04/12/2011 19:45:46 End Version 12.0 policies
    04/12/2011 19:45:46 Version 12.1 policies
    04/12/2011 19:45:46 Policy EmailBodyTruncateSize = -1
    04/12/2011 19:45:46 Policy MaxCalendarAgeFilter = 0
    04/12/2011 19:45:46 Policy MaxEmailAgeFilter = 0
    04/12/2011 19:45:46 Policy MinDevicePasswordComplexCharacters = 3
    04/12/2011 19:45:46 Policy AllowStorageCard = 1
    04/12/2011 19:45:46 Policy AllowCamera = 1
    04/12/2011 19:45:46 Policy AllowWiFi = 1
    04/12/2011 19:45:46 Policy AllowBluetooth = 2
    04/12/2011 19:45:46 End Version 12.1 policies
    04/12/2011 19:45:46 The following received policies may cause us to fail server policy support
    04/12/2011 19:45:47 Policy AllowTextMessaging = 1
    04/12/2011 19:45:47 Policy SyncWhileRoaming = 1
    04/12/2011 19:45:47 Policy AllowHtmlEmail = 1
    04/12/2011 19:45:47 Policy RequireSignedSMIMEMessages = 0
    04/12/2011 19:45:47 Policy RequireEncryptedSMIMEMessages = 0
    04/12/2011 19:45:47 Policy RequireSignedSMIMEAlgorithm = 0
    04/12/2011 19:45:47 Policy RequireEncryptionSMIMEAlgorithm = 0
    04/12/2011 19:45:47 Policy AllowUnsignedApplications = 1
    04/12/2011 19:45:47 Policy AllowUnsignedInstallationPackages = 1
    04/12/2011 19:45:47 Policy AllowInternetSharing = 1
    04/12/2011 19:45:47 Policy AllowPOPIMAPEmail = 1
    04/12/2011 19:45:47 Policy AllowConsumerEmail = 1
    04/12/2011 19:45:47 Policy AllowBrowser = 1
    04/12/2011 19:45:47 *** Warning: Some unsupported server policies were found -- syncing may fail
    04/12/2011 19:45:59 Policy Download: Updating to KAttachmentsEnabled = 1
    04/12/2011 19:45:59 Policy Download: Updating to KMaxAttachmentSize = 0
    04/12/2011 19:45:59 Policy Download: Updating to KEmailBodyTruncationSize = -1 04/12/2011 19:45:59 Policy Download: Updating to KMessageFormat = 1
    04/12/2011 19:45:59 Policy Download: Updating to RequireManualSyncWhenRoaming = 1 04/12/2011 19:45:59 Policy Download: Updating to KMaxCalendarAgeFilter = 0
    04/12/2011 19:45:59 Policy Download: Updating to KMaxEmailAgeFilter = 0
    04/12/2011 19:46:00 Policy Update: Partial failure
    04/12/2011 19:46:00 Policy status 2
    04/12/2011 19:46:00 Refused exchange access.
    04/12/2011 19:46:00 Policy Update: This device is unable to implement all requested 04/12/2011 19:46:00 password policies. Your Exchange Server's 'Device Security'
    04/12/2011 19:46:00 settings are currently configured to disallow access
    04/12/2011 19:46:00 from any device that can't support all password policies.
    04/12/2011 19:46:00 Contact your Exchange Administrator.
    04/12/2011 19:46:00 ProcessStatusResponse LEAVE error=-15017
    04/12/2011 19:46:00 CEasCmdHandler:oRunL - Main state machine. PreviousMainState = 8.CurrentMainState = 3. CurrentPolicyState =2.Error =-15017
    Attachments:
    Android_mail.pdf ‏1299 KB

  • MfE on N8 Anna - Mandatory server policy failed. A...

    Was previously using MfE on N8 with PR1.2 to our corporate exchange server with no problem. The server has security poicly that enforces setting of keylock code and keylock timeout.
    Following update to Anna yesterday I'm no longer able to access my exchange mail. The error "Mandatory server policy failed. Access was refused. Contact your Exchange administrator." is displayed. This is a major disaster!
    I do not have any control over the Exchange server - and am not able to get any settings changed.
    I don't want to delete acount and recreate as if it fails I'll loose all syncronised contacts on phone.
    I've seen other threads of MfE access problems, but my problem is specific to the security policy issue.
    Regards
    Cliff

    This item is listed in another topic as solved but unfortunately it is not solved.
    It is shame for Nokia. This problem is known since Mid of Jun 2011 so since 4 months, but nothing done. 
    Altough I just updated my device in mid of October, I was not informed by anyone about this bug.
    Blackbarry has published a lot of free applications to their customers because of just two days down time in their mail server. We will see also the power of Nokia after resolvng the problem, (surely if ever anyone resolves this problem)
    Thank you Nokia, that you are connecting us just with you by this kind of forums instead of with people...

  • Server.policy file

    The ejb I am developing is trying to delete the following file from a local filesystem (Linux SuSE 9.3 Pro) : /path/to/file/delete.me I get the following exception:
    java.security.AccessControlException: access denied (java.io.FilePermission /path/to/file/delete.me delete)
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
    at java.security.AccessController.checkPermission(AccessController.java:427)
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
    at java.lang.SecurityManager.checkDelete(SecurityManager.java:990)
    at java.io.File.delete(File.java:869)
    I tried to modify the server.policy file adding the following line:
    permission java.io.FilePermission "/path/to/file/delete.me", "delete";
    but nothing changes, even when I restart the application server (don't know even if it is necessary to restart). I am using Sun Java System Application Server Enterprise Edition 8.1. Any help is welcome...
    Thanks in advance
    null

    I think I solved the problem. At least I managed to delete the file :-)
    First I had to add the following line to JRE's java.policy file:
    permission java.io.FilePermission "/path/to/file/delete.me", "delete";Then I added the following entry to the server's server.policy file:
    grant codeBase "file:${com.sun.aas.instanceRoot}/applications/j2ee-apps/MyApp-" {
      permission java.io.FilePermission "/path/to/file/delete.me", "delete";
    };like described here:
    http://docs.sun.com/app/docs/doc/819-3659/6n5s6m58n?a=view#beabz
    I hope this could help to someone with the same problem

  • Issue with HOST "metric and policy settings"

    Hi All,
    I have a OMS and EM Reporsitory installed on a linux machine I have connected four agents(4 hosts) to this grid control. For one perticular host I could not see any predefined metrics. The steps I followed are I have opened a host and went to "Metric and Policy Settings" and there I could not see any predefined metrics like Log file patteren match metrics and CPU utilization metric etc. For checking I have access "All Metrics" option there I can see all predefined metrics but their "collection Schedule" set to Real time-only. I think this is reason why I am not able to see these metrics in "Metric and Policy settings" for customization. How can change the Collection Schedule of these metric. This case is only for that perticular host other hosts are fine and showing metrics and allowing me to customize thresholds values.
    As someone suggested I stopped and cleared the state of the agent and then started the agent again but the problem is not solved. Please suggest me a solution.
    Regards,
    Ashok Chava

    You could create a MONITORING TEMPLATE of the metrics you want to collect and base it off of a host that has the Metric and Policy Settings SET and apply it to this perticular host.
    Have you checked Setup> Management Pack Access> for HOSTS?

  • Applying Metric and Policy Settings globally

    Hi,
    I wish to remove some Metric and Policy Settings globally.
    Example: I want to remove monitoring for percentage of space left in tablespaces. Instead, I want to make all tablespaces auto-extensible and only monitor disk space.
    I don't want to go into the configuration of each and every database in order to do this. There must be a way to globally remove out-of-box configurations and globally add a custom configured one, or is that not true?
    Thank you for any insights!
    Maria

    It disappears only because there is a drop down at the top that says to filter "metrics with thresholds" just switch that to "All metrics" and you will see the blank ones again. As for the disabling a collection. A collection is used for many metrics. When you go to disable a metric collection, by clicking on the link for "Every 15 minutes" (for example). It will list all of the metrics that you will no longer collect data for.
    Again, I would suggest not stopping the collection, and simply blanking out the thesholds. Thats the way it was designed.
    Eg. Disabling Archive space used collection will disable the following other metrics:
    Archive Area Used (%)
    Archive Area Used (KB)
    Dump Area Directory
    Dump Area Used (%)
    Dump Area Used (KB)
    Free Archive Area (KB)
    Free Dump Area (KB)
    Total Archive Area (KB)
    Total Dump Area (KB)

  • User Group Policy Settings not applied to new user profiles at first logon

    Good Afternoon,
    We have an issue that occurs to a new user when they first log on to their machines. They log on and a new profile creates from the Default User Profile. We can see that a number of our Group Policy Settings applied as "User Configuration" are
    not applying.A log off and back on is required before the policies apply.
    Any thoughts to this behaviour please?
    Regards
    LeeB
    Lee Bowman MCITP MCTS

    Hi,
    How about your problem now? How many system encounter this problem? Is all policy couldn't be applied? Is there any feedback when using gpresult to check policy applied status?
    As Group Policy applies after user identity authentication, generally speaking, user logoff and back doesn't helpful with this problem.
    When this problem occures, have you checked event log if it identify this problem?
    Roger Lu
    TechNet Community Support

  • Email server security settings for Thunderbird

    Hi - my first message to the Forum so hope I am in the right section. I'm on Windows 8. My email is working fine via an email client (Thunderbird). However, the server security settings suggested by BT instructions for T/Bird seem very weak to me............. - Connection security - none - Authentication method - password, transmitted insecurely. Can anyone using Thunderbird please advise me what they should be please. Help would be appreciated - thank you. John
    Solved!
    Go to Solution.

    Am I OK shifting the incoming to IMAP from POP3 please ?
    John
    Your choice, they are 2 completely different ways of operating e-mail. With IMAP, the mail is held on the server and can be accessed from multiple devices, POP3 downloads the mail to the client and is deleted from the server (unless specifically told to leave a copy on the server) BT don't advertise the fact but does in fact support secure POP3. the server mail.btinternet.com supports POP3 using SSL on port 995 and secure SMTP on port 465

  • Server.policy how to solve this problem of permission

    I had deployed a adf faces application.
    I think adf framework build images, and javascritps at cache....
    then my page appear like this:
    http://img113.imageshack.us/img113/7519/adferror9lb.jpg
    the erros at log of SunApplicationServer of this issue is this:
    http://img115.imageshack.us/img115/3169/imagem1lm.jpg
    my server.policy is equal this:
    server.policy
    // Copyright 2004-2005 Sun Microsystems, Inc.  All rights reserved.
    // Use is subject to license terms.
    /* Copyright 2004 Sun Microsystems, Inc. All rights reserved.     */
    /* SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms. */
    // Core server classes get all permissions by default
    grant codeBase "file:${com.sun.aas.installRoot}/lib/-" {
         permission java.security.AllPermission;
    // lockhart classes get all permissions by default
    grant codeBase "file:${com.sun.aas.webconsoleLib}/cc.jar" {
            permission java.security.AllPermission;
    // jato classes get all permissions by default
    grant codeBase "file:${com.sun.aas.jatoRoot}/jato.jar" {
            permission java.security.AllPermission;
    // iMQ classes get all permissions by default
    grant codeBase "file:${com.sun.aas.imqLib}/-" {
         permission java.security.AllPermission;
    // ANT classes get all permissions by default
    grant codeBase "file:${com.sun.aas.antLib}/-" {
         permission java.security.AllPermission;
    // Pointbase embedded server classes get all permissions by default
    grant codeBase "file:${com.sun.aas.pointbaseRoot}/lib/-" {
         permission java.security.AllPermission;
    // Web Services classes get all permissions by default
    grant codeBase "file:${com.sun.aas.webServicesLib}/-" {
         permission java.security.AllPermission;
    // permissions for avkit classes
    grant codeBase "file:${j2ee.appverification.home}/lib/-" {
        permission java.security.AllPermission;
    // Basic set of required permissions granted to all remaining code
    grant {
         permission java.lang.RuntimePermission  "loadLibrary.*";
         permission java.lang.RuntimePermission  "queuePrintJob";
         permission java.net.SocketPermission    "*", "connect";
         permission java.io.FilePermission       "<<ALL FILES>>", "read, write, delete";
            // work-around for pointbase bug 4864405     
            permission java.io.FilePermission "${com.sun.aas.instanceRoot}${/}lib${/}databases${/}-", "delete";
            permission java.io.FilePermission "${java.io.tmpdir}${/}-", "delete";
         permission java.util.PropertyPermission "*", "read";
         permission java.lang.RuntimePermission     "modifyThreadGroup";
    // Following grant block is only required by Connectors. If Connectors
    // are not in use the recommendation is to remove this grant.
    grant {
            permission javax.security.auth.PrivateCredentialPermission "javax.resource.spi.security.PasswordCredential * \"*\"","read";
    // Following grant block is only required for Reflection. If Reflection
    // is not in use the recommendation is to remove this section.
    grant {
         permission java.lang.RuntimePermission "accessDeclaredMembers";
    // Permissions to invoke CORBA objects in server
    grant {
        permission com.sun.enterprise.security.CORBAObjectPermission "*", "*";
    };

    Delete the files extensions.* (extensions.rdf, extensions.cache, extensions.ini) and compatibility.ini in the Firefox [[Profiles|profile folder]] to reset the extensions registry.
    See "Corrupt extension files": http://kb.mozillazine.org/Unable_to_install_themes_or_extensions
    If you see disabled extensions that are not compatible on the next start in "Tools > Add-ons > Extensions" then click the "Find Updates" button to do a compatibility check.

  • O365 firstrun suppression policy settings do not suppress file formats chooser when installed on EU locale computers

    I am not sure where to report this but I believe I have found a bug in the latest Office 365 product. I set up a machine running windows 7, and implemented Office 2010 and Office 2013 group policies, I scoped the policies to the correct user and machine.
    the particular policy I am interested in is the "default file format" found in the GPO under the save option for word, excel and powerpoint. under office 2010 this policy applies correctly and does not display the "choose a file format"
    dialog box when those programs start, this is the behaviour I am looking for. I then installed Office 2013 and implemented the exact same group policy, the default file format dialog box does not appear. however, when I install Office 365 (2013 edition) the
    dialog box does display. it appears that some other policies do apply correctly to the office 365 product but the default files format policy does not, office 365 is ignoring this policy setting.... hence why I believe this is a bug. according to the Microsoft
    technical literature the Office 365 product and Office 2013 share the same group policy settings, I can not find any admx files specifically for office 365, only for office 2013 so 365 should recognise and use this policy setting.
    Steve

    ok, then to (possibly) help you, this is what I did in my initial testing to help prevent the running of some of those apps... up to you if you chose to implement this but it did seem to work for me in my test environment
    Create a GPO which uses User GPP and Computer start up scripts. The GPP will remove the shortcuts and the start up scripts will install an ACT  Database with AppHelp messages. These AppHelp messages
    will disallow the application to run passing it off as a "compatibility" issue, and that's assuming the user can get to the exe file after the shortcut has gone.
    Create a GPP Folder Options – File Type which re-associates the extensions for the blocked app with another application or removes the extension.
    http://technet.microsoft.com/en-us/library/hh825139.aspx
    http://technet.microsoft.com/en-us/library/cc749586(v=ws.10).aspx
    http://technet.microsoft.com/en-us/library/cc749169(v=ws.10).aspx
    any or all of those steps could form a solution as far as i can tell. I know this appears a pretty botch job but its the best I can think of, you could use app locker policies but personally I have never been a fan of implementing such restrictions (perhaps
    it comes from the days where software restriction and hash rules and such seemed a pain in the wassit).
    I don't mean to appear greedy when asking for help, but you have an even bigger rollout than Don has at the moment with O365, we both have a joint scenario which I wonder if you had come across and know the answer to, even though I've marked this as answered
    it is the best we have at the moment but not 100% conclusive, would you have anything to add to it? the thread is located at
    http://social.technet.microsoft.com/Forums/en-US/officesetupdeploy/thread/6a3b4fd6-1ad3-40a7-8b9e-e9cf815e115b
    Many thanks
    Steve

Maybe you are looking for

  • Problem in Resetting the Frame Color to default

    Hi Gurus, When I was working with Frames, in property pallette, mistakenly I selected a color for the Frame background. Before that it was "<Unspecified>". Now I want to set the Color of the Frame to Default. Can anyone help me on this regard, becaus

  • How to configure the proxyserver in solaris10

    hi everyone Anyone can solve this problem, i want to configure the proxy server in solaris 10. any knows please send the reply. regards eshwar reddy.k

  • How to update user properties using CSOM

    Hello All , Is it possible to update a SharePoint user properties (like email, title, etc) using CSOM API? In the User class (Microsoft.SharePoint.Client.User) i saw properties like Email, Title are possible to get and set. I tried updating these pro

  • Hyperion 9 sending a email on a condition

    hi All. i dont know too much about hyperion..... we have hyperion 9.31 installed.... i have just been asked to look into how to get a hyperion report to send an email on a condition..... so we have this report and we want it to send the report in a e

  • Downloading Oracle 8i for Linux

    I have downloaded Oracle 8i for Linux twice but have the same problem when I unzip this file. Message encountered is Unexpected EOF IN ARCHIVE ERROR IS UNRECOVERABLE .. EXITING NOW..