Solved

Windows 2003 Server GPO

Posted on 2007-03-28
12
200 Views
Last Modified: 2010-04-18
I have a single domain, with a single domain controller ( win2003 enterprise edition) I also have 2 member servers ( win200 server  and win 2003 server ).  The network has only one subnet (192.188.0.x). The DOmain controller is also a DNS and DHCP server. My questions is how do I create a group policy that will apply to all computers that have windows xp only. ( i also have win 2000 and 98 computers ). The group policy will install  (assign) a program (.exe file ) as soon as the user logs on. I  also i want to "publish only" a second program that a user can install if he choses to. Can anyone tell me how to configure and apply this group policy??...
0
Comment
Question by:James Hilloya
  • 5
  • 3
  • 3
  • +1
12 Comments
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 60 total points
ID: 18808814
You can use a WMI filter to identify the XP Machines

Seehttp://technet2.microsoft.com/WindowsServer/en/library/7cae3dab-b973-4905-9e47-00a638241da91033.mspx?mfr=true
for details and examples.
0
 
LVL 1

Author Comment

by:James Hilloya
ID: 18809170
Thanks, however I need to know how to create and configure the GPO . I am not even sure how to get to that "group policy management " screen that is listed on the link u  sent
0
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 65 total points
ID: 18809628
Unfortunately, Windows 2000 and Windows 98 do not understand WMI filtering, which would be required to have this GP apply only to XP machines.  (There are ways around that for many GPO settings, but Software Installation is a slightly different matter.)  In this case you will need to create a separate OU for your XP workstations, create and link the GPO there.

If you are new to Group Policy and Software Installation, you may find the following tutorial useful:

http://www.serverwatch.com/tutorials/article.php/1497901

Hope this helps.

Laura E. Hunter - Microsoft MVP: Windows Server - Networking
0
 
LVL 16

Expert Comment

by:kshays
ID: 18812989
I take it that you haven't really configured gpo's at all?  If that is the case then be careful especially when modifying the "default domain policy" (if you do that).

Here is the link to download gpmc if you haven't done so already.
http://www.microsoft.com/windowsserver2003/gpmc/default.mspx

Once downloaded, install and go to administrative tools.  It should be listed in there.

Group policy tutorials:
http://www.2000trainers.com/tutorials/group-policy/
http://www.windowsnetworking.com/articles_tutorials/Group-Policy-Deploy-Applications.html

I've just listed a couple of sites for gpo's.  I would suggest creating some test OU's and test users first to  test the gpo's and after you have them working the way you want you can link them to the correct OU and put them into production use.

Kevin
0
 
LVL 1

Author Comment

by:James Hilloya
ID: 18815407
kshays you are correct but what I am trying to do seems to be very simple, I am just not sure how to do it. I have an OU where all of my XP machines are. I have an executable file on the server that I installs a program. I want to assign this program  to all XP machines as soon as the computer comes on. How do  I do that??
0
 
LVL 1

Author Comment

by:James Hilloya
ID: 18815426
I guess I will look at the links that you provided and go from there
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 18815436
First of all it's important to note that Software Installation in Group Policy requires an MSI file, not an EXE, so you'll need to use a packaging tool like WinInstall to create an MSI installer file.

Once you've done that, you'll create a GPO for your XP clients which includes the MSI file you created, using steps that have been detailed in the various tutorial links provided in previous posts in this thread.
0
 
LVL 1

Author Comment

by:James Hilloya
ID: 18815474
does windows 2003 server come with the WinInstall??
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 18815525
You can check your 2003 media to confirm, but I believe that this is now a third-party tool - there are certainly others in the same market, WinInstall just happens to be one that I'm familiar with.
0
 
LVL 16

Expert Comment

by:kshays
ID: 18815702
WinInstallLE comes on the Windows 2000 cd's I know of.  I haven't checked on my 2003 though.  I think it should be under support tools.  If using WinInstallLE make sure you reference everything by UNC.

Another program that is pretty nice is Advance Installer.
http://www.advancedinstaller.com/

I think what will help you out the most right now is to get familiar with GPO's and software distribution via the gpo's.  Once you get familiar with how gpo works and read through the links we have provided it will make much more sense to you, especially when you do it a few times and actually see it in action :)

Best of luck.

Kevin

0
 
LVL 1

Author Comment

by:James Hilloya
ID: 18815770
Thank You Kevin, from what i read i have to create the gpo and link it to the OU that has all of my xp machines.. then make sure that only the xp machines have the read and apply group policy permissions in the ACL.I hope I am on the right track, going to look into the advance installer now
0
 
LVL 16

Expert Comment

by:kshays
ID: 18816106
No problem.  Yes, you are correct.  It sounds like you are getting the idea :)

Kevin
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Installing a printer using group policy preferences is not that hard let’s take a look at it. First lets open up your group policy console and edit the policy you want to add it to. I recommend creating a new policy for each printer makes it a l…
Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now