Does secedit command can be runned using non admin accounts
Hi,
I am currently working with an application which is msi. The client has requested to add secedit command to configure an security settings. But when i try to run the script with admin account it works but when i try to run with standard users it si not working. Now my doubt is does secedit account requires admin rights for installation .If so what should i do to add to execute the same script in msi?
Kind Regards,
Yuvi
I am currently working with an application which is msi. The client has requested to add secedit command to configure an security settings. But when i try to run the script with admin account it works but when i try to run with standard users it si not working. Now my doubt is does secedit account requires admin rights for installation .If so what should i do to add to execute the same script in msi?
Kind Regards,
Yuvi
0 Comments
[ + ] Show comments
Answers (2)
Please log in to answer
Posted by:
cygan
14 years ago
in application packaging terms hope you do understand what "locked - down environment" means
admin user - admin rights
standard users - restricted rights in a locked down environment
you just need to run your secedit script as a custom action in your msi
immediate execute
after install finalize
Not Installed as the condition
type 34 custom action
admin user - admin rights
standard users - restricted rights in a locked down environment
you just need to run your secedit script as a custom action in your msi
immediate execute
after install finalize
Not Installed as the condition
type 34 custom action
Posted by:
AngelD
14 years ago
A deferred Custom Action must execute between the InstallInitialize and the InstallFinalize action.
For Vista and above you must add the msidbCustomActionTypeNoImpersonate bit (In-Script Execution Options) to the CustomAction.Type column field due to UAC, this is of course recommended for all deferred custom actions for any operating systems.
For Vista and above you must add the msidbCustomActionTypeNoImpersonate bit (In-Script Execution Options) to the CustomAction.Type column field due to UAC, this is of course recommended for all deferred custom actions for any operating systems.
Rating comments in this legacy AppDeploy message board thread won't reorder them,so that the conversation will remain readable.
