PSADT 4.1.7 Installation fails if user w/o admin rights is logged on (sometimes?)

Small application should be installed, done via SCCM - deployment type is set to "Install for SYSTEM" & visibility "normal"

Login failed: The user does not have the required login type on this computer.

but in the logs you can see

Current process is running with user account [NT-AUTORITÄT\SYSTEM] under logged on user session for [DOM\USER]

Yes, the app is running under my default user account, but the installation should be done via the SYSTEM user.

If I run it with my client admin account it works - what did I miss?

from the PSADT script, variables

##================================================
## MARK: Variables
##================================================

# Zero-Config MSI support is provided when "AppName" is null or empty.
# By setting the "AppName" property, Zero-Config MSI will be disabled.
$adtSession = @{
    # App variables.
    AppVendor = 'Timo Kössler'
    AppName = '2FAGuard'
    AppVersion = '1.6.3'
    AppArch = ''
    AppLang = 'MUI'
    AppRevision = '01'
    AppSuccessExitCodes = @(0)
    AppRebootExitCodes = @(1641, 3010)
    AppProcessesToClose =  @('2faguard', @{ Name = '2faguard'; Description = '2FAGuard' })
    AppScriptVersion = '1.0.0'
    AppScriptDate = '2025-11-03'
    AppScriptAuthor = '***'
    RequireAdmin = $false

    # Install Titles (Only set here to override defaults set by the toolkit).
    InstallName = ''
    InstallTitle = ''

    # Script variables.
    DeployAppScriptFriendlyName = $MyInvocation.MyCommand.Name
    DeployAppScriptParameters = $PSBoundParameters
    DeployAppScriptVersion = '4.1.7'
}

the pre-install section where it fails later

##================================================
## MARK: Pre-Install
##================================================

    $adtSession.InstallPhase = "Pre-$($adtSession.DeploymentType)"
    ## Show Welcome Message, close processes if specified, allow up to 3 deferrals, verify there is enough disk space to complete the install, and persist the prompt.
    $saiwParams = @{
        AllowDefer = $true
        DeferTimes = 3
        CheckDiskSpace = $true
        PersistPrompt = $true
    }
    if ($adtSession.AppProcessesToClose.Count -gt 0)
    {
        $saiwParams.Add('CloseProcesses', $adtSession.AppProcessesToClose)
    }
    Show-ADTInstallationWelcome @saiwParams

    ## Show Progress Message (with the default message).
    Show-ADTInstallationProgress

    ## <Perform Pre-Installation tasks here>

    # Check the file path and, if it exists, start the uninstall
    if (Test-Path "C:\Program Files\2FAGuard\unins000.exe") {
        Start-ADTProcess -FilePath 'C:\Program Files\2FAGuard\unins000.exe' -ArgumentList '/Verysilent'
        Start-Sleep -Seconds 5
    }

That's what I get in the logs:

[Initialization] :: [TimoKössler_2FAGuard_1.6.3_MUI_01] install started.	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: [TimoKössler_2FAGuard_1.6.3_MUI_01] script version is [1.0.0].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: [TimoKössler_2FAGuard_1.6.3_MUI_01] script date is [2025-11-03].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: [TimoKössler_2FAGuard_1.6.3_MUI_01] script author is [***].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: [Invoke-AppDeployToolkit.ps1] script version is [4.1.7].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: The following parameters were passed to [Invoke-AppDeployToolkit.ps1]: [-DeploymentType:'Install' -DeployMode:'Interactive'].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: [PSAppDeployToolkit] module version is [4.1.7].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: [PSAppDeployToolkit] module imported in [8,0442955] seconds.	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: [PSAppDeployToolkit] module initialized in [5,658603] seconds.	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: [PSAppDeployToolkit] module path is ['C:\WINDOWS\ccmcache\11q\PSAppDeployToolkit'].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: [PSAppDeployToolkit] config path is ['C:\WINDOWS\ccmcache\11q\Config'].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: [PSAppDeployToolkit] string path is ['C:\WINDOWS\ccmcache\11q\Strings'].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: [PSAppDeployToolkit] session mode is [Native].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: Computer Name is [HOST.DOM.gsi.de].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: Current User is [NT-AUTORITÄT\SYSTEM].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: OS Version is [Microsoft Windows 10 Enterprise LTSC X64 10.0.19044.6456].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: OS Type is [WorkStation].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: Hardware Platform is [Physical].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: Current Culture is [de-DE], language is [DE] and UI language is [DE].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: PowerShell Host is [ConsoleHost] with version [5.1.19041.6456].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: PowerShell Version is [5.1.19041.6456 X64].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: PowerShell Process Path is [C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell.exe].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: PowerShell CLR (.NET) version is [4.0.30319.42000].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: The following users are logged on to the system: [DOM\USER].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: Session information for all logged on users:
 NTAccount             : DOM\USER
SID                   : ********
UserName              : USER
DomainName            :DOM
SessionId             : 1
SessionName           : Console
ConnectState          : WTSActive
IsCurrentSession      : True
IsConsoleSession      : True
IsActiveUserSession   : True
IsValidUserSession    : True
IsUserSession         : True
IsRdpSession          : False
IsLocalAdmin          : False
IsLocalAdminException : 
LogonTime             : 05.11.2025 08:21:10
IdleTime              : 00:00:14.3280000
DisconnectTime        : 
ClientName            : 
ClientProtocolType    : Console
ClientDirectory       : 
ClientBuildNumber     :
	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: Current process is running with user account [NT-AUTORITÄT\SYSTEM] under logged on user session for [DOM\USER].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: The following user is the console user [DOM\USER] (user with control of physical monitor, keyboard, and mouse).	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: The active logged on user who will receive UI elements is [CAMPUS\sosdoba].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: The current execution context has a primary UI language of [de-DE].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: The following locale was used to import UI messages from the strings.psd1 files: [de-DE].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: Unable to find COM object [Microsoft.SMS.TSEnvironment]. Therefore, script is not currently running from a SCCM Task Sequence.	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: Device has completed the OOBE and toolkit is not running with an active ESP in progress.	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: Session 0 detected but deployment mode was explicitly set to [Interactive].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: The processes ['2faguard'] were specified as requiring closure but deployment mode was explicitly set to [Interactive].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: Installation is running in [Interactive] mode.	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: Deployment type is [Install].	Open-ADTSession	05.11.2025 09:23:53	12912 (0x3270)
[Initialization] :: Module [PSAppDeployToolkit.Extensions] imported successfully.	PSAppDeployToolkit.Extensions.psm1	05.11.2025 09:23:54	12912 (0x3270)
[Pre-Install] :: Evaluating disk space requirements.	Show-ADTInstallationWelcome	05.11.2025 09:23:54	12912 (0x3270)
[Pre-Install] :: Retrieving free disk space for drive [C:\].	Get-ADTFreeDiskSpace	05.11.2025 09:23:54	12912 (0x3270)
[Pre-Install] :: Free disk space for drive [C:\]: [117493 MB].	Get-ADTFreeDiskSpace	05.11.2025 09:23:54	12912 (0x3270)
[Pre-Install] :: Successfully passed minimum disk space requirement check.	Show-ADTInstallationWelcome	05.11.2025 09:23:54	12912 (0x3270)
[Pre-Install] :: The user has [3] deferrals remaining.	Show-ADTInstallationWelcome	05.11.2025 09:23:54	12912 (0x3270)
[Pre-Install] :: Checking for running processes: ['2faguard']	Get-ADTRunningProcesses	05.11.2025 09:23:55	12912 (0x3270)
[Pre-Install] :: The following processes are running: ['2FAGuard'].	Get-ADTRunningProcesses	05.11.2025 09:23:55	12912 (0x3270)
[Pre-Install] :: Instantiating user client/server process.	Invoke-ADTClientServerOperation	05.11.2025 09:23:56	12912 (0x3270)
[Pre-Install] :: Prompting the user to close application(s) ['2FAGuard']...	Show-ADTInstallationWelcome	05.11.2025 09:23:58	12912 (0x3270)
<![LOG[[Pre-Install] :: Ausnahme beim Aufrufen von "ShowCloseAppsDialog" mit 2 Argument(en):  "The client process returned an exception."
Error Record:
-------------
Message               : Ausnahme beim Aufrufen von "ShowCloseAppsDialog" mit 2 Argument(en):  "The client process returned an exception."
InnerException        : PSADT.ClientServer.ServerException: The client process returned an exception. ---> System.IO.IOException: Login failed: The user does not have the required login type on this computer.

(last sentence translated because it was German)

The issue is likely endpoint protection or some kind of AppControl like CyberArk/Ivanti, etc. Do you use any of those, and if so, is there anything in their log files?

Best display picture by the way. Finally, a user who knows how to appease hungry developers :rofl:

2 Likes

I'm not sure, but maybe try setting RequireAdmin to true.

Sorry, my bad - in the original script it was true and I just played around with that, so it's a bad copy+paste.

No Ivanti --> God spared us from Ivanti

We use AppLocker and the default built-in Windows Defender --> no other special software, nothing to see in the logs.

The mysterious thing is that I tested the installation over SCCM a lot because it was my first 4.1 PSADT installation (used PSADT v3 before) - and it worked on every device [with my client admin account] - then I tested it on my PC with my default user account and it worked, and then I deployed it to some other test group (all default users) and now it works nowhere else (not even on my notebook with my default user account) - and no, nothing changed between these deployment phases.
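
One way to check the AppLocker and logon logs around the failure time shown in the log above, as an added example that is not from any poster in this thread or from the PSADT project. The helper name `Get-EventsInWindow` and the 5-minute window are choices made for this example, and it is an assumption that this failure writes a Security 4625 event at all.

```powershell
# Added example: run elevated on the affected client.
# Timestamp is the "Prompting the user to close application(s)" line from the log above.
$failure = [datetime]::ParseExact('05.11.2025 09:23:58', 'dd.MM.yyyy HH:mm:ss', $null)
$window  = @{ StartTime = $failure.AddMinutes(-5); EndTime = $failure.AddMinutes(5) }

function Get-EventsInWindow {
    param([string]$LogName, [int[]]$Id)
    # Get-WinEvent reports an error when nothing matches; suppress it so that
    # "no events" simply yields an empty result.
    Get-WinEvent -FilterHashtable (@{ LogName = $LogName; Id = $Id } + $window) -ErrorAction SilentlyContinue
}

# AppLocker: 8004 = EXE/DLL blocked, 8003 = would be blocked (audit mode),
#            8007 = MSI/script blocked, 8006 = would be blocked (audit mode).
$blocks = @(
    Get-EventsInWindow -LogName 'Microsoft-Windows-AppLocker/EXE and DLL' -Id 8003, 8004
    Get-EventsInWindow -LogName 'Microsoft-Windows-AppLocker/MSI and Script' -Id 8006, 8007
)
$blocks | Sort-Object TimeCreated |
    Select-Object TimeCreated, Id, UserId, Message |
    Format-List

# Security 4625 = failed logon. Status 0xC000015B is the NTSTATUS for
# "logon type not granted"; LogonType shows which kind of logon was requested.
# Assumption: logon failure auditing is enabled and this failure is audited.
$logons = foreach ($evt in (Get-EventsInWindow -LogName 'Security' -Id 4625)) {
    $data = @{}
    foreach ($d in ([xml]$evt.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
    [pscustomobject]@{
        Time         = $evt.TimeCreated
        Account      = '{0}\{1}' -f $data.TargetDomainName, $data.TargetUserName
        LogonType    = $data.LogonType
        Status       = $data.Status
        Process      = $data.ProcessName
        RightMissing = ($data.Status -eq '0xc000015b')
    }
}
$logons | Format-List

if (-not $blocks -and -not $logons) {
    'No AppLocker block events or failed logons were recorded in the window.'
}
```

An AppLocker hit whose `UserId` is the logged-on user's SID rather than SYSTEM points at the part of the deployment that runs in the user's session; a 4625 entry with `RightMissing` set points at the user rights assignment for that account on the client.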