출처 : http://support.microsoft.com/kb/925336
Error message when you try to install a large Windows Installer package or a large Windows Installer patch package in Windows Server 2003 or in Windows XP: "Error 1718. File was rejected by digital signature policy"
Error message when you try to install a large Windows Installer package or a large Windows Installer patch package in Windows Server 2003 or in Windows XP: "Error 1718. File was rejected by digital signature policy"
SYMPTOMS
When you try to install a large Microsoft Windows Installer (.msi) package or a large Microsoft Windows Installer patch (.msp) package on a computer that is running Microsoft Windows Server 2003 or Microsoft Windows XP, you receive the following error message:
Error 1718. File FileName was rejected by digital signature policy.
CAUSE
This problem occurs when the computer has insufficient contiguous memory for Windows Server 2003 or Windows XP to verify that the .msi package or the .msp package is correctly signed.
WORKAROUND
To work around this problem, follow these steps:
1. Click Start, click Run, type control admintools, and then click OK.
2. Double-click Local Security Policy(로컬 보안 설정).
3. Click Software Restriction Policies(소프트웨어 제한 정책).
1. Click Start, click Run, type control admintools, and then click OK.
2. Double-click Local Security Policy(로컬 보안 설정).
3. Click Software Restriction Policies(소프트웨어 제한 정책).
Note If no software restrictions are listed, right-click Software Restriction Policies(소프트웨어 제한 정책), and then click Create New Policy(정책 생성하기).
4. Under Object Type(개체 유형), double-click Enforcement(강요).
5. Click All users except local administrators(로컬 관리자를 제외한 모든 사용자), and then click OK.
6. Restart the computer.
Important After you follow the previous steps, local administrators can install the .msi package or the .msp package. After the package is installed, reset the enforcement level by following the previous steps. In step 5, click All users instead of All users except local administrators.
4. Under Object Type(개체 유형), double-click Enforcement(강요).
5. Click All users except local administrators(로컬 관리자를 제외한 모든 사용자), and then click OK.
6. Restart the computer.
Important After you follow the previous steps, local administrators can install the .msi package or the .msp package. After the package is installed, reset the enforcement level by following the previous steps. In step 5, click All users instead of All users except local administrators.
MORE INFORMATION
Digital signatures help make sure that a package has not been tampered with. Windows Server 2003 and Windows XP use an additional level of security, Software Restriction Policies, when Windows Installer calls the SaferIdentifyLevel function.
When Windows Installer calls the SaferIdentifyLevel function together with the SAFER_CRITERIA_IMAGEHASH flag, the whole package is loaded into memory on the computer. The computer must have sufficient contiguous memory for the package size. If the computer has insufficient contiguous memory, an error occurs. Because an error occurs, Windows Installer cannot verify that the package is correctly signed. Therefore, you receive the error message that is mentioned in the "Symptoms" section.
The following log data shows the sequence of events when this problem occurs:
When Windows Installer calls the SaferIdentifyLevel function together with the SAFER_CRITERIA_IMAGEHASH flag, the whole package is loaded into memory on the computer. The computer must have sufficient contiguous memory for the package size. If the computer has insufficient contiguous memory, an error occurs. Because an error occurs, Windows Installer cannot verify that the package is correctly signed. Therefore, you receive the error message that is mentioned in the "Symptoms" section.
The following log data shows the sequence of events when this problem occurs:
MSI (s) (BA:AD) [12:00:00:000]: SOFTWARE RESTRICTION POLICY: Verifying object --> 'D:\WINDOWS\Installer\50baad.msp' against software restriction policy MSI (s) (BA:AD) [12:00:00:000]: SOFTWARE RESTRICTION POLICY: D:\WINDOWS\Installer\50baad.msp has a digital signature MSI (s) (BA:AD) [12:00:00:000]: SOFTWARE RESTRICTION POLICY: SaferIdentifyLevel reported failure. Assuming untrusted. . . (GetLastError returned 5) MSI (s) (BA:AD) [12:00:00:000]: The installation of D:\WINDOWS\Installer
'Windows' 카테고리의 다른 글
| Windows Fundamentals for Legacy PCs v2006 SP2 설치 실패기 (0) | 2007.02.20 |
|---|---|
| Microsoft TechNet Offline Seminar, Feb. 15th 2007 정리 (0) | 2007.02.16 |
| Using COM to explore the namespace (0) | 2007.02.08 |
| How To Convert a File Path to an ITEMIDLIST (0) | 2007.02.06 |
| ITEMIDLIST management library (0) | 2007.02.06 |
