We had
a similar problem here. Ours was an application that was designed for W98 and
our move to W2K3 and XP workstations killed the app. Half the problem with some
of those apps that require admin rights, has to do with the install location or
the default permissions assigned by the OS when the app installs. On this
particular problem, I was able to alter the permissions on the installed
directory and the (2) .ini files(loaded in C:\Windows, go figure) with
permissions for authenticated users. This limited the possible damage to only
the one directory and did not require changing the user or group
permissions at all. You can run a script at login, attached to the user group
through a GPO, that will alter the file permissions on a directory or
file, so no need to visit or remote to every user desktop. An OnErrorContinue
loop will be needed for those systems that might not have the file or directory.
This will help keep the users from calling the help desk about an error box on
their screen when they boot up :)
My
current project involved both the requirement of admin rights and the
installation needed to start itself as a service. WinInstall did not pick up the
service starts when the MSI was created. I ended up with the files all extracted
but no client loaded. The user clicking the client install file did nothing of
course as we were back to the admin rights problem. I tried a number of
approaches to solve the issue and ended up pretty frustrated. I tried embedding
the runas command, vb scripting options to start a process and LoadW angles. I
finally ended up, probably where I should have started, at JoeTools(not a
shameless plug). Sure enough, Joe has a solution to the admin rights issue with
CPAU. Things were looking up. Went to GDG software and picked up a very dynamic
packet builder as well. Created the enclosure file with CPAU then packed the
client exe and the CPAU enclosure into an executable. Copied the files to the
software distrib website and pointed my users at it. It downloads the files to
the user My Docs directory(%mydocdir% in the packet builder.) and then executes
a command(my CPAU enclosure) after the files successfully extract. The packet
builder then deletes the extracted files after a successful execution of CPAU
leaving no leftovers to accumulate.
This
also opens up a number of other options for software distribution and patching
issues that I can see down the road.
Regards,
Ken Jensen
CAPISTRANO UNIFIED SCHOOL DISTRICT DISCLAIMER: This communication and any documents, files, or previous e-mail messages attached to it constitute an electronic communication within the scope of the Electronic Communication Privacy Act, 18 USCA 2510. This communication may contain non-public, confidential, or legally privileged information intended for the sole use of the designated recipient(s). The unlawful interception, use or disclosure of such information is strictly prohibited under 18 USCA 2511 and any applicable laws. |
Title: Message
- Re: [ActiveDir] Using GPO to install an MSI package Jensen, Ken
- Re: [ActiveDir] Using GPO to install an MSI package Jason B
- RE: [ActiveDir] Using GPO to install an MSI package Crawford, Scott
- RE: [ActiveDir] Using GPO to install an MSI package Michael Wassell
- RE: [ActiveDir] Using GPO to install an MSI package McClure David
- RE: [ActiveDir] Using GPO to install an MSI package Jeff Salisbury
- RE: [ActiveDir] Using GPO to install an MSI package Crawford, Scott
- RE: [ActiveDir] Using GPO to install an MSI package Crawford, Scott