Software Deployment Question
Software updates require administrator privileges, users are not local administrators.
I work IT support for a midsize company, and we are experiencing some pains when it comes to administrative rights. We are transitioning from XP to Windows 7, and are running into a few permissions issues. We use a program to manage payroll. The majority of the users that managed payroll were on Windows XP. When the program needs to update, it runs an .exe. On XP, there was no issue running this update. When these payroll users were moved to Windows 7, we discovered that running these updates required administrative credentials. At first it was a minor inconvenience, one of our techs would go by and enter the credentials (about 3 times per update). As the number of users grows, we are wasting more and more time putting these credentials in.
Is there a way we can push this update out via kbox? Or perhaps with AD? I have been reading that you can 'advertise' an application via AD, and that any user can install an advertised application without administrative rights. Do any of you have any experience with this? My other thought is writing a PowerShell script that gets the username, elevates the user to an administrator, installs the update, and then demotes the user. Do you think this is possible?
Thank you for any help!
TL;DR : Need away for underprivileged users to install updates via an .exe without tech support intervention.