LinkBack URL
About LinkBacks
Reply With QuoteThere are a few different options to do this, but none of them are necessarily out of the box solutions.
First, you can certainly figure out what files and registry keys the updates needs the ability to modify, and then modify the ACLs on all of those files to allow for that. You will most likely also need to grant rights to regsvr32.exe to allow for the registering of addtional .dll files. It's not a pretty solution, but you can change file ACLs with a GPO.
You can use a freeware tool such as this one to launch the application in the first place, which has the potential to grant the elevated rights you are looking for:
http://www.joeware.net/freetools/tools/cpau/index.htm
If you change the shortcut to launch a script which uses this tool to elevate the rights, that might do the trick. Of course, there would be a script with a username and password somewhere on your system/network that someone could find and use.......
There is also a third party GPO extension from a company called BeyondTrust that will do EXACTLY what you want. You can elevate the rights of a specific process to have administrative rights on a machine so that a user, who doesn't have elevated rights, could update the application.
BeyondTrust, and other third party group policy solutions can be found here:
http://www.gpanswers.com/solutions/
Hope that helps
Eric
