We were at 7.2R8.
When 7.3.x code was blessed by sypport for use on out 6500 FIPS boxes, we got the desktop team to deploy JIS 7.3.6.
Our understanding is that JIS 7.3.x will work with any version of 7.3.x code.
By they time it had been broadly deployed, 7.3R7 had been released and blessed, so we installed 7.3R7.
For over 90% of machines, there were/are no issues (it's been a month).
However, for a handful of machines, our users still get a UAC prompt. Most of our users don't have admin rights, so they are stuck. Even for users with admin rights, the prompt comes back with every logon.
Support had us remove it and try JIS 7.3.7 or 7.3.8....still the issue remains.
How do we go abotu troubleshooting WHY JIS would fail to work properly? Any other recommendations?
What we have a situation where, on Win7, our users have no admin rights.
the JIS SHOULD faciliate the installation of Juniper components.
But, on roughtly 10% of our machines users are getting prompted for admin creds. If we give the users admin rights and they enter their creds, then it works.
Support says it's a UAC setting.....That the problem goes away if you disable UAC.
That isn't a solution, and it works just fine on 90+% of our machines.
So, how do I troubleshoot why JIS isn't "catching" the installation of a Juniper component.
If the users with problems use Firefox, check if the Java add-on is updated.
Nowadays, if Java is deprecated because a security vulnerability, Firefox disable it.
And Juniper software in Firefox/Chrome depends on Java to run their stuff.
Did you ever find a fix for this? Ive been dealing with the exact same issue -- everytime we upgrade (been in the 7.4 code), about 1 out of every 10 users (mixed Windows 7 x32/x64 bit systems) who do not have admin rights comes back with messages that they cannot install the latest client. We have deployed the Juniper Installer Service but its been useless since the only fix has been to manually remove the older juniper service then install the latest as Admin.
On one upgrade attempt, we tried to redeploy the latest msi to everyone but it caused even more issues with duplicate installer names showing up in the control panel.
Frustrating especially since there is no workaround to this when they are offsite trying to work from home.
actually we did find the cause.
on the actual exe for host checker
(c:\users\username\AppData\Roaming\Juniper Networks\Host Checker\dsHostChecker.exe), if you right click on the exe and go into the properties, under compatibility, there was a checkmark set to "run as administrator"...
removed it and poof, problem went away.
There is a registry key that you can delete as well. It's a list of what exe's should be run as admin.
Had the key mass-deleted and no more issues.