Autodesk Inventor® Hardware Web Site

Print this page

Last Updated
8/17/2010
Frequently Asked Questions



Click here to see all FAQ entries Show List

48. What are the problems with using BlackIce
Problem:
  • (Only for systems with BlackIce or RealSecureDesktop installed)
  • When creating an administrative image of AutoCADM, you get an error message: Error 1304.Error writing to file: ...AdminImageProgram FilesCommon FilesMicrosoft SharedOffice 10riched20.dll. Verify that you have access to that directory.

    • Cause:
  • During installation of AutoCADM, riched20.dll is supposed to be copied to ...AdminImageProgram FilesCommon FilesMicrosoft SharedOffice 10. When installed off local media, there is no problem since BlackIce (version number 7.0eoa.) or Real Secure Desktop Protector does not "see" the copying of the riched20 file.
  • However, when AutoCADM is installed off the network (as in the case of creating a deployed image), BlackIce "sees" the transaction and blocks the copy. BlackIce sees the copying of the riched20.dll file as akin to the propagation of the Nimda worm. Please see http://www.iss.net/security_center/reference/2002710.html for more info on the error.
      • Solution:
    1. Disable BlackIce. Install AutoCADM. Enable BlackIce.
    2. In case the solution above is inconvenient, you can follow the steps below
      1. Verify that your systems have been patched and are not vulnerable to the Nimda worm
      2. Trust the event of copying riched20.dll by following the steps below:
        1. Right click on the event in the Desktop Protector GUI and select 'Ignore Event->This Event'. This will create a trust issue rule that will prevent this event from triggering on this agent only.
        2. If you would like to trust the event on all of your agents,
          1. Go into your Intrusion Detection Settings->Custom Value Details and click on Add.
          2. Then, enter the Name as 'trust.issue' and the Value as '2002710' (or the specific event number in the Event log of RealSecure Desktop Protector). This will ignore this event from any source on all your agents.
    Note: (If "Ignore this event" is grayed out you will have to implement the change at the SiteProtector level. There is an option that either allows or disallows the end-user from changing their protection settings. The 'Intrusion Detection Settings' section is a part of the Desktop Protector policy, which is modified through SiteProtector. Open the policy through Manage->Policy... and select the policy you are using for your agents. Then go into Network Protection Settings->Default Settings->Intrusion Detection Settings. If you are using the Adaptive Policy functionality, you will need to make the modification in Network Protection Settings->Adaptive Policy Settings->Corporate Network->Intrusion Detection Settings and Network Protection Settings->Adaptive Policy Settings->VPN->Intrusion Detection Settings. If you are not the one responsible for managing the Desktop Agent policies for your company, you may need to forward this information to the person who handles that configuration.)


Note: It is highly recommended that you download and install the driver certified on this web site before reporting problems.