Installing Custom Office 2003 Addin via GPO or SCCM

Posted on 2010-11-10
Last Modified: 2013-11-21

We have recently been asked to delpoy 3 components via GPO or SCCM to ensure all computers get them and also to save IT staff from having to walk to each computer and install manually.

We are doing this with a simple batch file that runs each setup in turn silently and this works fine with manual installs as an Admin account. If we do the same script in a GPO or SCCM, the software all appears to install correctly with success entries in the Windows event log, but the Addin will not appear in Office. Also if the script is run manually this addin works for all users.

"\\servername\vstoseruntime\vstor.exe" /q
msiexec.exe /i "\\servername\office2003pia\o2003pia.msi" /q /l* "C:\windows\PIA_Setup.log"
msiexec.exe /i "\\servername\protective markingsetup.msi" /q /l* "C:\windows\PM_Setup.log"

One other thing is that with SCCM there is an error in the log about not being able to elevate privellages for the o2003pia.msi file, even thought it is set to run with elevated privellages.

I have been trying to work out why this will not install as the System account as it does for a user account and an coming up with nothing after searching through many sites.

NB: We have many other GPOs and SCCM installations that work fine with batch files, msi and setup.exe and this is not 'how to use GPO or SCCM issue'.

All help is much appreciated.

Question by:Scott_Gardner
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 10

Expert Comment

ID: 34110182
When you're running programs from within a batch file in SCCM you are elevating the batch file rights, not the rights of the files being launched inside it.

What about adding those files to your package distribution, and calling each command line from within a program and linking the programs?


Author Comment

ID: 34110551
All of the files install as they are running in the context of the SYSTEM user in the GPO, which has full permissions to the computers. The event log shows that the installs were successfull also and you can see the installed products in Add / Remove section on computer. The only difference is that the addin does not load. I have checked in the Disabled Addin section of Word and it is no listed, although it is in the registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\. I have even run the Microsoft PSS VSTO 2005 Client TroubleShooter  and this shows that all is installed as required.
LVL 10

Expert Comment

ID: 34110594
I think I know what the issue is.... we had a similiar problem deploying vsto addins for all users and we implemented a hotfix and added extra code to the addin in the registry for this to work.   have a read of this site and it may assist you.

Author Comment

ID: 34110972

The thing is that this works perfectly fine and applies to all users if we run the batch file once in an Admin account. The same can not be said if run it from GPO or SCCM. Is the VSTO or o2003pia.msi needing to do something when installing that the SYSTEM account can't perform. It would not be so bad if the install at least failed, but it says successfull in the event log for all 3 components.

LVL 10

Accepted Solution

Kezzi earned 500 total points
ID: 34111350

The system account has no profile whereas the administrator account does.  The above articles explains why the sytem account is used during windows installations as technically both have the same permissions.  So I imagine its because msi cannot find the "profile related" areas it needs to update it.

Also, do you know if the ALLUSERS property is set to 1 or 2?  To make sure, add this to your msi command line : ALLUSERS=1
that might help it install properly under an all users context instead of per user

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Issue: One Windows 2008 R2 64bit server on the network unable to connect to a buffalo Device (Linkstation) with firmware version 1.56. There are a total of four servers on the network this being one of them. Troubleshooting Steps: Connect via h…
Why pager replacement is still an issue OnPage has what some might call a “hate/hate” relationship with pagers. Not much room for love. As we see it, pagers are an antiquated bit of technology. Pagers are dinosaurs which, like most dinosaurs, sho…
The viewer will learn how to simulate a series of sales calls dependent on a single skill level and learn how to simulate a series of sales calls dependent on two skill levels. Simulating Independent Sales Calls: Enter .75 into cell C2 – “skill leve…
The viewer will learn how to use a discrete random variable to simulate the return on an investment over a period of years, create a Monte Carlo simulation using the discrete random variable, and create a graph to represent the possible returns over…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question