Allow non-admin users install .msi in Windows 7 Professional


  • Hi, I need configure Windows 7 Professional to perform:

    - Allow non-admin users install (and update) a .msi file.

    I tried creating thie key AlwaysInstallElevated , set = 1, in the registry:

    HKEY_CURRENT_USER \Software \Policies \Microsoft \Windows \Installer

    HKEY_LOCAL_MACHINE \Software \Policies \Microsoft \Windows \Installer

    But didn't work, also, the key (Installer) don't exist, I creat it.

    I also tried create rules in the AppLock, with Hash and Path parameters, but didn't work, and the Documentation says that Win 7 can create rules, but can't apply them, only Win7 Ultimate and Enterprise.


    Thursday, August 26, 2010 7:34 PM


All replies

  • Well you can deploy an msi file using GPO (or config manager).

    That way you don't need to figure out how you can give your users 'admin' rights :).

    Read here on how to do this.

    Don't forget about Alt+Esc!
    Friday, August 27, 2010 6:10 AM
  • Well, I forgot to mention something, we deploy the .msi inside a Cab via Internet. So use the Active Directory maybe is not an option.
    Friday, August 27, 2010 3:51 PM
  • You can deploy your software to the resources (files, folders and registry keys) that are under control of the user, not the system, ie to %UserProfile% and HKCU.
    Friday, August 27, 2010 8:22 PM
  • We don't create any registry key, and even when I deploy to the folder %UserProfile%, Windows 7 prompts me for a Admin User account.

    Monday, August 30, 2010 3:56 PM
  • Hi,


    The following articles might be helpful:


    Installing a Package with Elevated Privileges for a Non-Admin


    User Account Control: Application Update Guidelines


    Best Regards


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”
    Tuesday, August 31, 2010 1:50 AM
  • Disable the application installation detection group policy?  Wouldn't UAC Virtualization redirect any system file and registry writes?  Maybe you'd have to disable the manifest too.



    Tuesday, August 31, 2010 2:29 AM
  • Sorry for the late feedback.

    Thanks for your help, we used the GPO to allowing instalations from trusted sites.

    Saturday, October 02, 2010 6:26 PM