Thursday, March 1, 2012

Interesting "permissions" issue

We were trying to install a package on a server that had been partially hardened. Every time we ran the file (in case anyone runs into this issue with the same file, it was jdevstudio11114install.exe), we got an error that said "Windows could not find the device, file, or path. Make sure you have permissions to the directory". When running the file from a command prompt, we got "Access is denied".

Troubleshooting:
We checked the file properties; there was no "unblock" option.
We checked the file permissions. We were both local admins on the box, the file didn't have any deny permissions set, and effective permissions were set to full control for my account.
We checked the local security policy and there was nothing strange going on there.
We made sure the antivirus and HBSS were disabled.
I ran procmon to see what was getting an error. I got a number of NAME NOT FOUNDs and INVALID DEVICEs, but it ended with a series of SUCCESSes and there were no ACCESS DENIEDs. Further, it didn't tell me what name wasn't found or what device was invalid.
Finally, we tried the file on a number of other computers and it ran successfully on all of them.

Solution:
I figured there was something going on with the files within the exe. I renamed the file to ".zip", opened it in Windows Explorer and extracted all the files.
There was an autorun.inf file on the root of the exe. I copied out the command it was supposed to run and ran it from the command prompt successfully.

Diagnosis:
The server seemed to have an issue with either some sort of special character, the length of the file path, or the depth of the files inside the exe. There was probably a registry setting set by the hardening process that caused the issues, but the workaround was successful and it wouldn't have to be used again after this install. It doesn't seem to affect the other applications and services running, so it wasn't worth digging deeper.

I'll keep this little trick in my back pocket in case I run into any mysteries again.
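
The workaround and the three suspicions from the diagnosis (special characters, path length, nesting depth) can be checked without extracting anything. The following is an added example, not part of the original post: Python's zipfile module reads a ZIP-based self-extracting .exe directly, and the sample installer, its autorun.inf contents and the `C:\Temp\installer` extraction root are constructed for illustration.

```python
import io
import zipfile
from pathlib import PureWindowsPath

MAX_PATH = 260  # classic Windows path limit, including the terminating NUL

def build_sample_installer() -> bytes:
    """Constructed sample: a fake EXE stub followed by a ZIP archive."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("autorun.inf", "[autorun]\r\nopen=Disk1\\setup.exe\r\n")
        zf.writestr("Disk1/setup.exe", b"MZ")
        zf.writestr("Disk1/" + "nested/" * 40 + "lib.jar", b"")
        zf.writestr("Disk1/docs/r\u00e9sum\u00e9.txt", b"")
    return b"MZ" + b"\x00" * 510 + buf.getvalue()  # stub bytes precede the ZIP

def autorun_command(zf: zipfile.ZipFile):
    """Return the open=/shellexecute= value from the root autorun.inf, or None."""
    names = {n.lower(): n for n in zf.namelist()}
    if "autorun.inf" not in names:
        return None
    text = zf.read(names["autorun.inf"]).decode("utf-8", errors="replace")
    section = ""
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("["):
            section = line.strip("[]").lower()
        elif section == "autorun" and "=" in line:
            key, value = line.split("=", 1)
            if key.strip().lower() in ("open", "shellexecute"):
                return value.strip()
    return None

def inspect_installer(data: bytes, extract_root: str = "C:\\Temp\\installer") -> dict:
    """Report the autorun command and entries matching the post's three suspicions."""
    report = {"command": None, "too_long": [], "non_ascii": [], "max_depth": 0}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:  # tolerates the prepended stub
        report["command"] = autorun_command(zf)
        for name in zf.namelist():
            depth = len([part for part in name.split("/") if part])
            report["max_depth"] = max(report["max_depth"], depth)
            if len(str(PureWindowsPath(extract_root, name))) >= MAX_PATH:
                report["too_long"].append(name)  # would exceed MAX_PATH once extracted
            if not name.isascii():
                report["non_ascii"].append(name)  # candidate "special character" entry
    return report

if __name__ == "__main__":
    print(inspect_installer(build_sample_installer()))
```

For a real installer, pass the bytes of the .exe instead of the constructed sample; an installer that is not ZIP-based raises `zipfile.BadZipFile`.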
