Group Policy setting "run only allowed windows applications" fails on Windows Terminal Server

  • 7007611
  • 20-Jan-2011
  • 30-Apr-2012


Novell ZENworks 11 Configuration Management Policies
Novell ZENworks 10 Configuration Management with Support Pack 3 - 10.3 Policies
Microsoft Windows Server 2003 Terminal Server


A group policy has been created in the management zone with the run only allowed windows applications option configured with multiple executable names.

Only half of the configured applications can be actually launched after applying the group policy through ZENworks Configuration Management.


For ZCM 10.3: This is fixed in version 10.3.2 - see KB 7007237 "ZENworks Configuration Management 10.3.2 - update information and list of fixes" which can be found at
For ZCM 11: Reported to Engineering


Reported to Engineering

Additional Information

This group policy application white list gets represented by group policy related registry entries with a numbered list of the executables names. On a Windows 2003 Terminal Server a list with only the odd numbers gets created.

The fix changes the way how the application list gets generated in the Windows registry to avoid the issue.