Link to home
Start Free TrialLog in
Avatar of get-ADuser -F ($_.Name -eq "Todd")
get-ADuser -F ($_.Name -eq "Todd")Flag for United States of America

asked on

AD Group Policy software restrictions but need to install software in user profile

I had a question come up from a technician here that is having a problem with some installations that he needs to install remotely.  We have an AD in place where the Group Policy is set to software installation restricted.  What he has been doing is creating an OU without that restriction and moving the users effected to that "temp" OU then install while logged in as them.  He told me this software needs to be loaded while in the user profile in order to work within their account.  It is time consuming and disruptive since we are using VNC to remote log in to these places across the state.  Is there anyway to install software at the user level, while logged in remotely as the user, install, without going the route of getting into the server, and moving users into a different OU?

Thanks for any help.
Avatar of MHMAdmins
MHMAdmins
Flag of United States of America image
he can login while they are on and shift+right click the executable and run as other user or as administrator and do the install without all that other mess.
Avatar of get-ADuser -F ($_.Name -eq "Todd")
get-ADuser -F ($_.Name -eq "Todd")
Flag of United States of America image

ASKER

He said that he tried that and it still didn't work...
SOLUTION
Avatar of Sandesh Dubey
Sandesh Dubey
Flag of India image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Avatar of McKnife
McKnife
Flag of Germany image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of get-ADuser -F ($_.Name -eq "Todd")
get-ADuser -F ($_.Name -eq "Todd")
Flag of United States of America image

ASKER

I am so sorry for being late on this.  I have started a new job, and when asking this question, I tried to get a quick solution as I thought that it was a priority.  However, my boss is great and gave me time to learn the system.  I am splitting the reward points as you were both right in the questions you asked and GP.   The solution is Additional path rules.  I set up a directory on the server to allow certain executables run for the help desk dept when they are VNC'd to different computers.   The software needed were small programs that helped the desktop team solve issue.  In this case, they wanted to install PFBackup.exe on machines to backup certain users Outlook Email.  I placed the .exe in the additional rule directory and it worked like a charm for the help desk people.   Again sorry for the tardiness.  I am not usually late.  And actually help out with Access questions, etc.   BUT its a new job!   lol...

Thanks again!
Avatar of get-ADuser -F ($_.Name -eq "Todd")
get-ADuser -F ($_.Name -eq "Todd")
Flag of United States of America image

ASKER

Additional Path Rule in Group Policy did the trick