cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

secure - permirssions

CChong
By Level 11 Flexeran
Level 11 Flexeran
We are in the process of "moveing from a movell netware based LAN to a Windows2000 based LAN"

all our computers are windows 2000 (server and professional)

We are "locking down the desktops" meaning no user will be a member of the administrators group.

I have some software that i have repackaged and i works just fine when installed by a administrator and fails misserablly under a regular user.

What should i do to figure what needs to change in the repackaged MSI file to allow a non-admin user to install the software.

PLEASE HELP

Paul
(3) Replies
If you are deploying your MSI packages via Group Policy in AD, it will allow users to install managed applications with elevated privileges (higher than admin privilege).

This privilege can also be set on individual workstation using gpedit.
I would suggest you begin by looking at the pages in msi.chm called "machine policies" and "user policies" for a key you can set called AlwaysInstallElevated

looeee
If running MSI's with elevated privledges does not meet you Security Guidelines you will have to deal with unsecureing directories and Files. The LockPermissions table houses all of the entries you will need. If you take this approach I would suggest getting yourself a copy of FILEMON and REGMON so you can see what files are being accessed during application preload.