Unable to Install Silverlight – Error 1625

unable_to_install_silverlight

I was unable to install Silverlight on a Windows 2003 server, it failed with error 1625.

I took a look in the %TEMP%/SilverlightMSI.log and found this entry “This installation is forbidden by system policy.  Contact your system administrator.”

This was strange as we don’t have any GPOs to restrict software and UAC wasn’t a factor.

A few lines up there was another entry “Machine policy value ‘DisablePatch’ is 1”.

I opened up Regedit, navigated to HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsInstaller and changed the ‘DisablePatch’ entry to 0.

Bingo! This time the installation was successful.

Denied by Policy Module 0x80094800, The request was for a certificate template that is not supported by the Certificate Services policy

We’re currently deploying Lync 2010 and needed to provision some certificates for the Edge server from our internal PKI environment. The Lync certificate wizard was used to generate the request and when it was submitted to the CA we got this error:

“Denied by Policy Module 0x80094800, The request was for a certificate template that is not supported by the Certificate Services policy.”

We use a custom template based on the default WebServer template shipped with Windows Server. The template “friendly name” contained spaces such as “Contoso – Web Server” however the “short name” removes these and is referenced as “ContosoWebServer”.

During the certificate request process in Lync Server 2010 you can specify an alternate template to use for the certificate. During this process we had specified the friendly name and not the short name which resulted in the error.

Once we changed the Lync Server 2010 certificate request template name in the wizard to the short name, the CA issued the certificate without issue.