Created package for one Software (BLC Insurance Desk) and it’s package behavior is whenever we launch application we getting message "Internet Update did not run" seems during application launch application checking update and due to limited access getting this message this scenario is for domain / non admin users.
Temporary provide admin access to the same users then not getting any prompt and its launch well.
Any though to launch application (Shortcut) with admin privilege for Non admin users through Bigfix…
Here is an example PS script that I run with a different user and as Admin (just need to change the user= parameter; once you run it will prompt you for a password):
parameter “PowerShellexe”="{value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of native registry}"
I’ve been doing some research into this, and though I’m not a developer it appears to be a feature in the Windows security model.
We can impersonate the user and run it interactively (with the user’s existing session), but it looks like we cannot elevate a non-admin user to an admin access token unless we create a new login session - which requires authenticating.
I don’t think this is necessarily a limitation in BigFix itself, but in the Windows API / security model as a whole. I don’t know of any way around it.
You should probably pursue getting the application updates to work using the LocalSystem account. A good way to test interactively first is using psexec from https://microsoft.com/Sysinternals
Run psexec -i -s CMD.exe
…to open an interactive command prompt as the SYSTEM account, and then figure out a way to update this application silently.
Then you should be able to deploy that in BigFix without needing any action overrides.
I’m not sure that the original post has anything to do with Bigfix.
My reading is the the application is installed, but when the user launches the application, it checks back to the application provider, finds an update but fails to install the update. Having an application manage its own updates sounds like a nice idea. What doesn’t sound so good is having application update rights for users with Internet access.