We're trying to deploy windows 7 professional in an AD environment but need a legacy application to run.
After setting up some extra permissions (modify for power-user) on c:\, c:\program files\<appname>, the application can be run successfuly with the "run-as-administrator" property checked by a power user. Before you ask - the application in question actually writes a temp file to c:\ so yes, all users need modify access to c:\ - Godawful i know.
Problem is, this application is a launchpad for other sub-apps which may get updated regulary. When the user clicks on an icon to run an sub-app, if not installed, it runs setup.exe, at which point the user does not have access to install. Installshield fails, probably because it's trying to write to protected windows folders etc.
These are fontline cashiers who will never have local admin access or be given a local admin password.
My options right now are to make all users member of local admins
install all the sub-applications on an image pray there are no more updates.
i don't really like option A or B.
What I really want is to have the intital app, and all the setup.exe's it calls to have full administrator access to install everything , with no UAC prompts.