Andy,
We originally thought in order to install the Symantec Management Agent on an end-users machine that the Altiris Service Account needed local admin rights. Our steps to push the agent are as follows:
- Actions > Agents/Plug-ins > Push Symantec Management Agent > Rollout Agent to Computers
- Input Machine Name then click “Add”
- Highlight Machine then click “Install" (or "Settings")
We left the check mark OUT of the line below (in italics) that is found in "Settings" because we believed that it would be proper to let the Altiris Service Account (application credentials) install the agent. For that to work, it seemed we needed to make sure the Altiris Service account has local admin rights to any machine in order to push the agent.
Use the following admin account instead of application credentials
Is that not a good practice?