Hi, I’ve been trying to set up group policy to push windows updates once i am sure they won’t conflict with other software and also push programs to employees without me having to physically go to their workstation to do it. The problem I’ve been having is their privileges aren’t high enough. The programs and updates don’t get pushed because they don’t have admin privileges. Is there a way or a script to run to change the privilege level and then schedule the updates and program pushes to happen when those privileges are elevated? Or maybe a better way to achieve this?
I don’t think you need to elevate the user permissions to install updates or software to Group Policy. They might just need access to a network share. Check the following for deploying applications:
For operating system updates, you should be ok with WSUS. Just approve the updates to a group of computers no need for the user to have admin privileges.