Rioku

Try to read the whole suggestion before you comment. With a local installation source which is the most common and recommended by Microsoft, the users do not need access to a network source because the files that they need for updates will be on their computers.

After a lot of reading it seems that admins are divided on the issue of "Install with elevated privileges". Many say that it is only a minimal security risk where as others say that it is a major security risk. Because I am supposed to be making the system more secure there must be another way to not have these permission issues that occur. Should I set up office differently and soon I will be distributing office 2003 which might have the same problems, what did everyone else do?

Through my understanding of installing with elevated privileges, this setting allows the smarter users or maybe even spy ware to run any MSI that they want to. I might be able to not allow users to execute MSI's but I am not sure how successful that will be. What do you think?

I think the real question is how you are distributing office 2003. If you are using SMS or active directory then you should have no worry about the users getting to the MSI file. If you are having the users execute the MSI file to install office then you should be able to deny them permissions to the folder where the MSI is and create a shortcut somewhere else that points to the MSI make the shortcut read/execute only and the only thing the users can do is install office by executing it. If this does not solve your question try explaining what your plans / current situation is a little more Also you can deploy with a local instalation source and that will eliminate the need for them to acces the network share.

I have done a lot of searching and have been unable to locate and answer to my problem. If someone could point me in a direction or help me out I would greatly appreciate it. I have office 2000 deployed via active directory using a transform file to customize a few settings like what server outlook should point to and what should/should not be installed. This seems to be working well but after the installation is where the problems occur. note: normal users on my network have limited permissions, I think the main issue that applies to this is they do not have permissions to install (and this can not be changed as a solution). Periodically office 2000 tried to install "something" while the user is using the computer. The only install that I know what is going on is when Outlook is run for the first time it associates itself with the settings set in the transform file. And if say Word is run first then an installation process is run that configures the office shortcut bar. About the shortcut bar; for a normal user if the shortcut bar is open and the configure/install process executes it errors. If you close the office bar then it works fine. For an administrator it does not matter if the bar is open or closed the process completes. About the outlook and other "random" installs"; the only time it does not throw an error is if and administrator is logged in. And the last issues is that a normal user can not tell outlook to be the default mail client. Every time the user logs on Outlook asks if it should be default again. The "solution"( if you can call it that) that I have come up with is changing the users permissions and logging them on as an admin and have them run all the installation/configuration process that I know of. This seems to be working in most cases, but if there is a way to make it so that the installation/configuration process can complete under normal user privileges that would be great. I am hopping that most of you have gone through the office 2000 issues and will be able to look back on the solution you found years ago. Thanks in advance and sorry for the long post, ~Rioku