I am trying to load a service pack for an application running on a Terminal Server machine. The machine is using Windows 2000 Server. I keep getting a error from the Windows installer that the Administrator has a policy set up that prevents me from doing this.

I can install anything else but not this service pack which I need so that my remote users can print in certain applications.

I'm logged on as the administrator and in install mode each time I've tried to install it, and I looked through the local policies and I can't find anything that would prohibit me from installing. Could the problem be related to the domain policies and if so which ones?

The program manufacturer assures me that there is nothing different or unique about the service pack.

Here is something worth trying:

"The local policy of this system does not permit you to logon interactively."

Symptoms: When trying to connect to a W2K domain controller running Terminal Services with Application Server mode for user access, you as a TS user may receive "The local policy of this system does not permit you to logon interactively" message. You may not receive this message if you logon with a member of the following default groups:
Account Operators
Administrators
Backup Operators
Print Operators
Server Operators
Others based on services on the computer such as TsInternetUser

Also, you will not receive this message when you logon member and stand-alone servers since they have the users group included in the "Log on Locally" user right.
Resolutions:This issue occurs because the W2K domain controller running Terminal Services does not have the Users, Authenticated Users, or Everyone global group added to the Group Policy Object for the "Log on Locally" user right. "Log on Locally" is a required user right in Microsoft Windows NT 4.0, Terminal Server Edition and Windows 2000 Terminal Services. To modify the Group Policy Object for the domain controller, go to Administrative Tools>Domain Controller Security Policy>Security Settings>Local Policies>User Rights Assignment>Policy>Log on Locally>Add>Browse, click the appropriate group, and then click Add. After modifying the Group Policy, type secedit /refreshpolicy machine_policy /enforce at a command prompt, press ENTER, and then press ENTER.

If that doesnt lead to anything i would need the exact error message

I tired this and when I enterd the string at the command prompt an Automating Security Configuration Management Help dialog came up. Should I have rebooted for the settings to take effect?

Anyway I tried to install again and the exact error message from Windows Installer was: The System Administrator has set polices to prevent this installation.

I can install anything else once I'm in install mode.

I don't know whether this will work but it is a solution that I've seen suggested for this error message (when having problems installing software updates):

Open Group Policy Editor (Start > Run > type Gpedit.msc)

Browse through:
Local Computer Policy
> Computer Configuration
>> Administrator templates
>>> Windows Components
>>>> Windows Installer

and select the option to disable Windows Installer.

If that does work, then I would recommend switching Windows Installer back on once you've done what you need to do.

Let us know if that helps

Hi DJNafey:

I tried this and I'm still getting the same error and frankly, that does not make much sense to me. As I said in an earlier post I can install any other programme once I am in install mode. But I can't seem to install this service pack.

Any other ideas from anyone will be GLADLY accepted

Rissawag2

Originally Posted by rissawag2

I tried this and I'm still getting the same error and frankly, that does not make much sense to me

No it didn't make a lot of sense to me either but it solved this problem for some others in a different forum. Terminal Services isn't something I've ever had much to do with but, hopefully, someone with some more useful advice will be along soon