Tag: SysInternals

After installing Rand McNally IntelliRoute software, users may experience the error “Initialization of Client failed: Closing Application”

This problem is usually attributed to inadequate permissions for the user running the application. Please ensure that the folder that Rand McNally software was installed (generally C:\Program Files (x86)\Rand McNally) has Full Control access granted to users. Also, the Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\Rand McNally on the workstation needs to grant “Full Control” to users who execute the program at the desktop level.

32bit Installation Error

The above issue had to do with 64bit installation of IntelliRoute. Below is the issue I experienced with the 32bit installation of IntelliRoute.

I installed the application as an administrator and changed permissions on the Registry Key as well as the Program Files directory as noted above. However, I still received the error.

Using procmon, I tried to get some clues as to why it was crashing. I saw a hint that it looked for a file in C:\Users\%username%\WINDOWS\Sysupz.com.

Upon further investigation, this file did not exist for my test user, however it did exist in for the administrative user that I installed the application under.

To test it out, I copied the file to my test user WINDOWS folder and attempted to launch IntelliRoute and it was a success.

To copy the file to all the users on the server, I used the following command:

cd c:\users\
for /d %u in ("*") do copy c:\users\testuser\WINDOWS\Sysupz.com c:\users\%u\WINDOWS\

This seemed to resolve the issue. I’m not certain if the problems with installation are due to it being installed on a Server 2008 terminal server. That system is slated for migration to Server 2019 in December, so hopefully the IntelliRoute software will not give me problems then!

TL;DR

GoFileRoom made changes to their encryption by using TLS1.2. In order for GFR add-on to work in Windows Server, you must modify 2 registry entries for .NET enforcing strong encryption. For GFR website to operate, you need to ensure TLS1.2 is enabled as well.
Here’s the GoFileRoom technical notes on enabling this via Registry: http://cs.thomsonreuters.com/ua/gfr/digita_uk_en/kb/recommended-registry-changes-for-tls-1-2.htm?mybanner=1

How I got here…

Let me preface this with the fact that GoFileRoom is not officially supported on Server 2016, so my troubleshooting process was skewed because I was thinking there was an installation problem or some other incompatibility issue.

The GFR Windows add-on recently stopped working as reported by users on a terminal server.  The error being thrown was right at the logon prompt of the GFR Add-on with the following message:

The service you are trying to reach is unavailable. Please try again later.

Digging around the system, I managed to find a logfile that GFR saves to, it is located in %APPDATA%\GoFileRoom\GFRControlPanel\logs

The log file didn’t give me a single hint:

[GoFileRoom.GFRUser]:[Login] Web Exception: The request was aborted: Could not create SSL/TLS secure channel.

When in doubt… procmon!

This didn’t directly answer any of my questions as to why… so, when in doubt, procmon!  I went and grabbed ProcMon from SysInternals and ran it during a GFR session so I could figure out if there was some incompatibility.
ProcMon didn’t give me much of anything.  I saw it was attempting an HTTPS connection to member.gofileroom.com, but nothing abnormal in terms of compatibility problems or something.

I went back to the GFR logfile message and did a quick Google for The request was aborted: Could not create SSL/TLS secure channel.
The first result was a StackOverflow post and it was a great post with two points of interest to me:

1. Mentions of TLS 1.2 via HTTPWebRequest method
2. SChannel logging

This got the wheels in my head turning — There was one specific comment that said to look for a TLS 1.2 support issue and another comment about enabling logging for SChannel.

I knew IE was configured with TLS properly as that was one of the first things I checked (per GFR installation guidelines).  But there’s something different here.  It seems the GFR add-on is calling an HTTPWebRequest method and that is where this error message is being generated from!

Further into the thread of comments and proposed solutions, there was a note about enabling SChannel – totally forgot about this as I wasn’t thinking it was a TLS negotiation issue!  I enabled SChannel logging at level 7 (all messages) and reproduced the error.  Fired up event viewer and saw what I needed:

A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

No idea what code 40 is, so off to MSDN.

An MSDN article tells me it is a handshake_failure.  Awesome, now I have a better search term to try for Google: gofileroom tls

Guess what?  First result is a GoFileRoom KB article.  See the TL;DR for the link.
#net-framework, #gfr, #gofileroom, #tls