Yammer Installation Mechanism
The Yammer installation, even the so called "system wide" MSI uses a third party installation routine which is unsigned, the executable located here:
This executes as the logged in user. We have an AppLocker policy dissalowing untrusted executables that are located in user writable space.
This means that to support Yammer in our environment this file needs to be allowed via AppLocker via a hash value. We may not be able to get this passed Cyber Security.
1) When an auto-update runs it will likely fail due to this executable updating with a new hash value. Ideally we would want to trust files that have been signed by a publisher.
2) This executable could install other software we do not want in our environment.
It seems odd that this installation mechanism has been chosen by Microsoft in favor of something enterprise friendly.