We are coming from a Symantec ITMS shop. We are in the process of moving over our content from ITMS to IEM. We are running across some issues with having an interactive install. I’ve seen several posts that basically say interactive installs are not possible without RunAsCurrentUser.exe. Only problem with that is the current user will be an under-privileged user.
We have some installs that require screen clicks that we have worked around with some screen clicking to accept the terms of install and other non-silent install issues. In ITMS, we could work around this with the below policy options:
I feel like I’m talking about my old girlfriend with my new one here. “But she did that, why can’t you?”
So, with a normal “user” user, how can I run an install with admin privileges that is interactive to the user session who is not an administrator on the box?
You are correct that “RunAsCurrentUser” only works if the current user has the correct permissions to do whatever is required. This will work in cases where the installer does not require Admin rights. (Spotify, non-business Chrome, etc…)
First of all, this is a bad practice and I would recommend against it.
Second, It is very rare that there is software I have found that I couldn’t install silently. I’d be curious to know some examples.
Third, and the real answer to your question, You should be able to do this using PSExec. It should allow an installer to run as the SYSTEM account launched through BigFix, but interactive with the user. I don’t have any experience doing this myself, but I do know that some use this method as a work around.
The main use case is for unsigned print drivers. I’ve seen that with other posts talking about it but we cant’ really go to the vendor to get them signed.
I get where your going with this @jgstew. Problem is, there are some poorly set up apps that don’t always play nicely with a silent install. PCMiler was another one. The company sort of baked in a silent install… but not really. And the company didn’t really even support a silent install anyway (per there support). I created a response file and most of the install went silently. But no matter what mode the installer was in, it ALWAYS prompted to register. I had to build an AutoIT script to click “OK” at the end of the installer. My only other option for this app was to repackage it to my own MSI. I suppose I could have but that seemed silly at the time.
Fact is, this is a need. Sometime is it a crutch I’ll admit.
I don’t disagree that there are times where this is an issue and something like AutoIT and/or PSExec is needed, but I would only use it when truly needed, and I would definitely recommend pushing back on your vendors like PCMiler in such cases.
