I'm stuck with an issue regarding Java which is a real pain in my ass.
I'm managing small office networks where I get great results using AD and GPO to set everything up and automated. In each of this small companies, I have a "key user" which is a little more used to IT and can do basic tasks, so I granted him/her a separate Admin account to get thru the UAC prompts and unlock some situations without the need to contact me.
BUT
Java needs admin privileges to update.
Java is bothering sometimes every week with a new update.
Even when selecting Remind later, after some weeks the Java plugin is disabled because it is marked by Sun as Obsolete.
Java plugin is critical in their offices because it is used by their partner's VPN portal, mandatory for them to work everyday, all day.
So, I have my key users going from PC to PC to enter the admin credentials so Java can update, and they feel kind of bored of doing this almost every week.
Giving end users admin privileges is not an option because they used to have it, and kept installing crapware and visiting untrusted websites (impossible to set strict rules in small offices like you can in big companies).
Using an update management software is not an option because too expensive for those small offices.
Downloading an MSI and setting up a GPO or worse, an WSUS server rule every week is also not an option because it's too complicated for those key users.
So, what could be a solution for this ? Isn't there a way to setup a Windows Service on every client computer that could run under an admin account and run a silent command every week or so to silently update Java without UI ?
Best Answer
I have the same situation as you are, and I ended up writing my own script based on someone's work and run the script using scheduled task.
You may find the script I used at https://github.com/VeryCrazyDog/Auto-Java-Updater.