Start Free Trial

asked on

Using GPO to deploy msi that will not install as local admin on win7?

So we have deployed many msi's fine on our lan using GPO.

Issue i have with this msi is that it won't install as local admin. I have to use the domain admin account.

The 3rd party co has provided a script/batch file to run it with msexec -i switch. Seems pointless. Also the msi seems to copy and register 3x ocx files.

Could there be a way to sort?

Thanks

ASKER

could the msi have a setting in it to say run ad domain admin only? could i use orca to edit the msi and change this to anyone?

SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

UAC is off.

I have a different msi from a large company which installs fine manually as the domain user account, not not permissions issue.

Sure it works elevated, but i want to be able to run it under user profile.

ASKER

so i can add it to GPO

SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

okay will give it a go on GPO.

And update.

ASKER

well gpresult and modelling wizard show its applying ok, but i don't see it in progs on PC nor do i see any errors on the client machine.

ASKER

there is also a batch file which runs msexec -i....

ASKER CERTIFIED SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

assigned fine.
system log shows its failed.

Why did it, what's the complete error?

ASKER

the isntall of application 'app name.msi' from policy 'appname' failed. The reason was: %%1612

SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

nope, using UNC path.
i added our global group and can install the the msi from here manually using admin account.

SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

type: psexec -s -i cmd?

ASKER

if so, this fails to install service.

The syntax is correct but it needs to be executed on an elevated command prompt.

ASKER

opens in new cmd window
type unc and cannot access it e.g. \\server1\

Please clarify... what did you type in and what was the message?
If the message is showing it cannot access the msi, then clearly, your Access permissions to the share or file are wrong. Add authenticated users with read permissions.

ASKER

psexec -s -i cmd
in new cmd: \\server1\activex\

...and now the error message.

ASKER

sure. but just typing the unc path isnt going to work is it?

Please quote the complete error message first.

ASKER

'\\server1\' is not recognised as an internal or external command, operable program or batch file

SOLUTION

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER

hmm, access denied.

ASKER

and that is using my account, a domain admin....

ASKER

added authenticated users to share and NTFS side and can run/access it. will see what happens...

This was expected. the psexec test uses the -s switch. That means, it is no longer executed as "you", the domain admin, but as the computeraccount (problemcomputer$).

ASKER

okay do you think it will install now?

I don't see why not.

ASKER

its there, well done!