I created a batch logon script that checks and removes old versions of a specific piece of software and installs the newest version. Both the install and uninstall process use an .EXE file. The script works great if the user is an administrator, but because logon scripts are run with user permissions, it fails with a normal end-user account.
What is the best way to have the logon script run as an administrator?
Best Answer
This is a poor use case for login scripts. A startup script or a scheduled task can both easily run as the SYSTEM account take care of your software installation.
Generally I suggest using some kind of deployment system - SCCM, Patch Manager, Puppet, etc - but there is a quick and dirty solution available if you have a 2008+ domain.
Basically it is scheduled task deployed as a group policy preference. This can be run under the SYSTEM account to provide admin rights. Combined with item level targeting you can easily install only when your conditions are met.