MSI Admin Rights

  • Thread starter Thread starter Tim Ford
  • Start date Start date
T

Tim Ford

Guys,

I have an installation that i need to install on a machine that does not
have admin rights. Is it possible to fire the installation from a batch file
passing in the Admin Credintials so the package runs with admin rights.

Thanks Tim.
 
Hi Tim,

InstallShield has a nice article to configure Windows Installer to avoid
impersonation. This will let the installer run at elevated privileges(Local
System Account) all the time.Information regarding these supported methods
may be referenced in the InstallShield Knowledge Base article: Q105140
HOWTO: Creating an Installation That Always Installs Regardless of User
Privileges http://support.installshield.com/kb/view.asp?articleid=q105140

Neo.
 
Please understand that once you set thes policies, the machine can no longer be
considered secure for any purposes (even if the policy is later removed).

Since these policies allow any use to install any software with no security
restrictions, nefarious users can easily install rogue software, trojans,
keyboard loggers, backdoor DLLs, etc. This software may persist on the machine
even if the policy is later removed in an attempt to re-secure the system. The
MSI team strongly recommends NOT setting this policy on any non-test machine.

The recommended way to allow low-rights users to install software is to use a
software control and\or deployment system which restricts the set of products
which low-rights users can install. A variety of such systems exist, or you can
create your own simple system by pre-approving tte software through an
advertisement from an administrative account.

-Chris Gouge
Microsoft Windows Installer Team

This posting is provided "AS IS" with no warranties, and confers no rights.
Please do not send email directly to this alias. This alias is for newsgroup
purposes only.

MSI FAQ:
<http://www.microsoft.com/windows2000/community/centers/management/msi_faq.asp>
 
Back
Top