RIPs cannot be executed locally on the client computer when "Obtain rights through AClient" option is selected

Article:HOWTO5707  |  Created: 2006-11-09  |  Updated: 2007-05-16  |  Article URL http://www.symantec.com/docs/HOWTO5707
Article Type
How To


Problem
All the RIPs have the following option enabled: Rapidinstall Editor > Edit > RIP Options > Install Conditions > Administrator Rights > Obtain rights through ACient.

We use RIPs in two methods: method 1 is to deploy them through the Deployment Server console which works fine. Method 2 is to copy the RIPs down to the local client computer and execute them manually. The second method is used through logon scripts to automate post software installation hotfixes under the administrator security context (that is, changing file permissions/registry permissions and so on). 

The problem is both existing (created with Deployment Solution 5.6) RIP Packages and new ones (made with Deployment Solution 6.5) are executed without any problem on a computer with AClient version 5.6/6.1 but are unable to execute (there appears no progress at all) on another computer with AClient version 6.5.

Environment
Deployment Solution 6.5 and higher

Cause
In Deployment Solution 5.6 and 6.1, we had a possibility to run a RIP on a computer that you do not have sufficient rights to run and, if AClient is on the computer, it will restart the RIP with admin access. This functionality was removed in 6.5 as it was considered being a security hole. Now if a RIP is set to Obtain rights through AClient, it will silently fail. It does write a log entry to %TEMP%\AltirisTemp\rinstall.log that indicates "This RIP will run through the service."

Resolution
The “issue” described is actually a change of functionality. Design for RIPs distribution needs to be reconsidered.


Legacy ID



29278


Article URL http://www.symantec.com/docs/HOWTO5707


Terms of use for this information are found in Legal Notices