I made an installation NAL object of Visio 2007. Since there is a high license price on the use of Visio 2007, only some users have access to this NAL. Some users also install this application on the PC of collegues, since the NAL is bound to their userID and not their PC.

To prevent this, I added a registry key to the installation NAL for checking purposes.

I have one NAL that all users have as a Force Run that deleted this key.

Then I added a NAL that deinstalls Visio 2007, after checking if the Visio-executable exists AND the registry key does not. This is linked to all my users and is force run.
To make sure that users that do have access to Visio 2007 don't get the deinstallation, I made an fourth NAL that put the registry key in place again that is only linked to my Visio-group. This fouth NAL is linked by application dependency to the Uninstall NAL.

In theory this should work well and users that do have access to Visio shouldn't get a deinstallation, because they have the registry key always.

Now I noticed that even though the users have this key, they still get a deinstallation of Visio. This made we wonder about the order that NAL's work.
When does a NAL check for its Distribution Rules? Is this before the application depencies are run?

What is a good way to make sure that Visio 2007 (or other applications) are automaticly deinstalled if users don't have access, are not in the correct appliaction group?

Thanks in advance.