Metro Apps crashing after installation of LANDESK Agent

Version 4

    Verified Product Versions

    Endpoint Manager 9.5Endpoint Manager 9.6

    Problem

     

    APPLIES to LDMS 9.6

     

    LANDESK has identified an issue where on a Windows 8.x system some metro apps may no longer launch correctly after installing LDMS 9.6 on the client. After the agent is installed and a user tries a metro application you might see the application crash and throw a message in the windows event viewer similar to this:

     

    Log Name:      Application
    Source: Microsoft-Windows-Immersive-Shell
    Date: 01/05/2015 8:28:20 AM
    Event ID:      5973
    Task Category: (5973)
    Level:        Error
    Keywords: 
    User: DOMAIN/USER
    Computer:    COMPUTERNAME
    Description:
    Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: Access is denied. See the Microsoft-Windows-TWinUI/Operational log for additional information.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-Immersive-Shell" Guid="{315A8872-923E-4EA2-9889-33CD4754BF64}" />
        <EventID>5973</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>5973</Task>
        <Opcode>0</Opcode>
    <Keywords>0x2000000000000000</Keywords>
        <TimeCreated SystemTime="2015-01-05 T15:28:20.038953300Z" />
    <EventRecordID>58293</EventRecordID>
        <Correlation />
        <Execution ProcessID="13464" ThreadID="15564" />
    <Channel>Application</Channel>
    <Computer>COMPUTERNAME</Computer>
        <Security UserID="SID" />
      </System>
      <EventData>
        <Data Name="AppId">Microsoft.SkypeApp_kzf8qxf38zg5c!App</Data>
        <Data Name="ErrorCode">-2147024891</Data>
      </EventData>
    </Event>
    

     

     

    From the TWINUI Log

     

    Log Name: Microsoft-Windows-TWinUI/Operational
    Source: Microsoft-Windows-Immersive-Shell
    Date: 01/05/2015 8:28:20 AM
    Event ID:      5961
    Task Category: (5961)
    Level:        Error
    Keywords: 
    User:DOMAIN/USER
    Computer: COMPUTERNAME
    Description:
    Activation of the app Microsoft.SkypeApp_kzf8qxf38zg5c!App for the Windows.Launch contract failed with error: Access is denied..
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-Immersive-Shell" Guid="{315A8872-923E-4EA2-9889-33CD4754BF64}" />
        <EventID>5961</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>5961</Task>
        <Opcode>0</Opcode>
    <Keywords>0x4000000000000000</Keywords>
        <TimeCreated SystemTime="2015-01-05T15:28:20.038953300Z" />
    <EventRecordID>15157</EventRecordID>
        <Correlation />
        <Execution ProcessID="13464" ThreadID="15564" />
        <Channel>Microsoft-Windows-TWinUI/Operational</Channel>
    <Computer>ComputerName</Computer>
        <Security UserID="SID" />
      </System>
      <EventData>
        <Data Name="AppId">Microsoft.SkypeApp_kzf8qxf38zg5c!App</Data>
        <Data Name="ContractId">Windows.Launch</Data>
        <Data Name="ErrorCode">-2147024891</Data>
      </EventData>
    </Event>
    

     

    Cause


    Registry and or file system permissions may have been changed from their defaults. 

     

    Solution


    The fix to issue is a two part solution preventing/fixing the systems so they are no longer breaking and then repairing a broken system.



    Part One: Stop new systems from breaking and repaired systems from becoming broken again.

     

    Install LDMS 9.6 SP1 to the core and agents

     

    Or


    Patch the LDMS 9.6 Core with VUL ID: LD-236875-96

     

    Once you apply this patch to the core the next time Vulscan runs (security and patch manager) on the client side file(softmon) should be auto updated( if you have configured your client systems to run security scans with the /NoUpdate (manual step) you will need to run the client patch or client vulnerability associated with this).

     

    Neither applying SP1 or patch 236875-96 to a client will repair already broken systems. In order to repair systems in a broken state please proceed to part two.

     

    Part Two: Repairing broken systems

     

    The second part is the repair of the broken system.


    To repair either LDMS 9.6 or  LDMS 9.6 SP1(agent upgraded) agents you need to download and run Vul ID: Fix_Permissions_in_registry_for_Items_under_CLSID. against all detected machines. This vulnerability ID is located in the LANDESK updates section of patch and compliance this is available for all LANDESK customers.


    This needs to be ran on the client systems that broken, since this is a patch definition you can repair these systems using the repair method of your choice or set the patch to autofix. We have added a verbose logging switch to this so everything we find and repair with this definition will be outputted the vulscan log for your review.


    Note:

    Depending on size of registry and speed of machine this definition might take some time to complete( in testing we averaged 7 minutes).This might appear to be hung and you will see nothing being written to the vulscan log, please let vulscan run as powershell logs everything at the end of the job.



    For more information on using the Patch and Compliance tool please see:


    Patch Manager

    LANDESK 9.6 Help - Patch and Compliance