GPO 推送安装失败,错误代码为 1603
Che*_* Bo 5 windows-server-2008
我是 GPO 推送安装的新手。我刚刚配置了一个组策略来为域中的机器推送安装软件。但是,它失败并显示错误代码 1603。
以下是客户端上的日志appmgmt。
07-27 17:14:16:775
Software installation extension has been called for foreground synchronous policy refresh.
The following policies are to be applied, flags are 1.
SecureAge Distribute (unique identifier {AE19597D-CBD3-42EF-AEE8-09FBBFA13171})
System volume path = \\dev.sa.com\SysVol\dev.sa.com\Policies\{AE19597D-CBD3-42EF-AEE8-09FBBFA13171}\Machine
Active Directory path = LDAP://CN=Machine,cn={AE19597D-CBD3-42EF-AEE8-09FBBFA13171},cn=policies,cn=system,DC=dev,DC=sa,DC=com
Set the Active Directory path to LDAP://CN=Class Store,CN=Machine,cn={AE19597D-CBD3-42EF-AEE8-09FBBFA13171},cn=policies,cn=system,DC=dev,DC=sa,DC=com;.
Enumerating applications in the Active Directory for computer CHENBOXPSP3X32 with flags 5.
CSTORE: Retrieving class store path for the system account.
CSTORE: Retrieved 1 class stores for the user or machine.
CSTORE: Attempting to bind to class store 0 with path LDAP://CN=Class Store,CN=Machine,cn={AE19597D-CBD3-42EF-AEE8-09FBBFA13171},cn=policies,cn=system,DC=dev,DC=sa,DC=com.
CSTORE: Bind attempt returned error code 0.
CSTORE: Enumerating packages with search filter (&(objectclass=packageRegistration)(|(|(msiScriptName=*A*)(&(canUpgradeScript=*)(msiScriptName=*P*)))(!(msiScriptName=*)))) and flags ce00000.
CSTORE: Examining retrieved package SecureAge.
The following applications were found in policy SecureAge Distribute.
Assigned application SecureAge (flags a0004c70).
Found 1 applications in policy SecureAge Distribute.
Enumerating the managed applications which are currently applied to this user.
No managed applications are currently applied to this user.
Found 0 applications locally that are not included in the set of applications from the Active Directory.
Application SecureAge from policy SecureAge Distribute is set for installation because it is assigned to this computer policy.
Assigning application SecureAge from policy SecureAge Distribute.
Calling the Windows Installer to advertise application SecureAge from script C:\WINDOWS\system32\appmgmt\MACHINE\{e7b03277-41c7-41b4-8863-cffe4d61237e}.aas with flags 69.
Windows Installer cannot advertise application SecureAge from script C:\WINDOWS\system32\appmgmt\MACHINE\{e7b03277-41c7-41b4-8863-cffe4d61237e}.aas, error 1603..
The assignment of application SecureAge from policy SecureAge Distribute failed. The error was : %1603
和
Removing application SecureAge from the software installation database.
Calling Windows Installer to remove application advertisement for application SecureAge from script C:\WINDOWS\system32\appmgmt\MACHINE\{e7b03277-41c7-41b4-8863-cffe4d61237e}.aas.
Windows Installer cannot remove application advertisement for application SecureAge from script C:\WINDOWS\system32\appmgmt\MACHINE\{e7b03277-41c7-41b4-8863-cffe4d61237e}.aas, error 1603.
The removal of the assignment of application SecureAge from policy SecureAge Distribute failed. The error was : %1603
Policy Logging for Software Management is attempting to log application SecureAge from policy SecureAge Distribute.
Failed to apply changes to software installation settings. Software changes could not be applied. A previous log entry with details should exist. The error was : %1603
和
Software installation extension returning with final error code 1603.
07-27 17:14:25:665
Software installation extension has been called for foreground synchronous policy refresh.
The following policies are to be applied, flags are 80.
SecureAge Distribute (unique identifier {AE19597D-CBD3-42EF-AEE8-09FBBFA13171})
System volume path = \\dev.sa.com\SysVol\dev.sa.com\Policies\{AE19597D-CBD3-42EF-AEE8-09FBBFA13171}\User
Active Directory path = LDAP://CN=User,cn={AE19597D-CBD3-42EF-AEE8-09FBBFA13171},cn=policies,cn=system,DC=dev,DC=sa,DC=com
Set the Active Directory path to LDAP://CN=Class Store,CN=User,cn={AE19597D-CBD3-42EF-AEE8-09FBBFA13171},cn=policies,cn=system,DC=dev,DC=sa,DC=com;.
Policy has not changed. Only assigned applications will be advertised.
Enumerating the managed applications which are currently applied to this user.
No managed applications are currently applied to this user.
Found 0 applications locally that are not included in the set of applications from the Active Directory.
Software installation extension returning with final error code 0.
我试图搜索诸如“Windows Installer 无法为应用程序做广告...从脚本...”之类的内容,但没有得到任何提示。
此外,%temp% 文件夹中没有 msi 安装的日志。
编辑:应用事件中的事件信息如下:
Event ID: 101 (error)
The assignment of application SecureAge from policy SecureAge Distribute failed. The error was : Fatal error during installation.
Event ID: 103 (error)
The removal of the assignment of application SecureAge from policy SecureAge Distribute failed. The error was : Fatal error during installation.
Event ID: 108 (error)
Failed to apply changes to software installation settings. Software changes could not be applied. A previous log entry with details should exist. The error was : Fatal error during installation.
Event ID: 1085 (error)
The Group Policy client-side extension Software Installation failed to execute. Please look for any errors reported earlier by that extension.
我按照此链接设置组策略,因为我是新手,因此无法发布屏幕截图。 http://support.microsoft.com/kb/816102
Windows XP 和 7 32 位主机都会出现此问题。主机在 VMWare 中运行。
编辑 2:我尝试使用启动脚本来安装软件包,它适用于 Windows 7 客户端。在 Windows 7 客户端的启动阶段,会弹出一个交互式服务检测窗口,显示安装的软件想要显示一些消息。除此之外,安装工作正常,安装过程中无需输入。请注意,手动安装 msi 会显示一条消息,提示安装后需要重新启动。
启动脚本如下:
Set WshShell = CreateObject("WScript.Shell")
Set objFso = CreateObject("Scripting.FileSystemObject")
If Not objFso.FileExists("C:\Program Files\SecureAge\bin\SecureAge.exe") Then
WshShell.Run "\\192.168.0.145\DPoint\SecureAge.msi"
End If
注意:启动脚本安装仅适用于 Windows 7,不适用于 Windows XP。
编辑3:组策略截图:
任何人都可以帮我解决这个问题。
感谢致敬
1603 致命错误通常由以下两种情况之一引起:执行安装的帐户无法写入所需的位置,或者安装包已损坏。由于您已经通过安装排除了#2,所以我假设它是#1。
当您使用基于计算机的软件安装 GPO 时,您所做的是以 SYSTEM 帐户安装该软件。某些软件安装程序行为不当并要求将数据写入安装用户的配置文件。SYSTEM 帐户不像其他用户帐户那样具有传统的配置文件,这会产生所需目录不存在的错觉。这可以解释为什么登录脚本或手动安装有效 - 两者都不能作为 SYSTEM 运行。
我会与您的软件供应商核实,并确保可以按照您尝试的方式部署该软件,因为所有迹象都表明软件安装程序本身是罪魁祸首。
| 归档时间: |
|
| 查看次数: |
32201 次 |
| 最近记录: |