Solved

Windows 2003 Server GPO

Posted on 2007-03-28
12
228 Views
Last Modified: 2010-04-18
I have a single domain, with a single domain controller ( win2003 enterprise edition) I also have 2 member servers ( win200 server  and win 2003 server ).  The network has only one subnet (192.188.0.x). The DOmain controller is also a DNS and DHCP server. My questions is how do I create a group policy that will apply to all computers that have windows xp only. ( i also have win 2000 and 98 computers ). The group policy will install  (assign) a program (.exe file ) as soon as the user logs on. I  also i want to "publish only" a second program that a user can install if he choses to. Can anyone tell me how to configure and apply this group policy??...
0
Comment
Question by:James Hilloya
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 3
  • +1
12 Comments
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 60 total points
ID: 18808814
You can use a WMI filter to identify the XP Machines

Seehttp://technet2.microsoft.com/WindowsServer/en/library/7cae3dab-b973-4905-9e47-00a638241da91033.mspx?mfr=true
for details and examples.
0
 
LVL 1

Author Comment

by:James Hilloya
ID: 18809170
Thanks, however I need to know how to create and configure the GPO . I am not even sure how to get to that "group policy management " screen that is listed on the link u  sent
0
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 65 total points
ID: 18809628
Unfortunately, Windows 2000 and Windows 98 do not understand WMI filtering, which would be required to have this GP apply only to XP machines.  (There are ways around that for many GPO settings, but Software Installation is a slightly different matter.)  In this case you will need to create a separate OU for your XP workstations, create and link the GPO there.

If you are new to Group Policy and Software Installation, you may find the following tutorial useful:

http://www.serverwatch.com/tutorials/article.php/1497901

Hope this helps.

Laura E. Hunter - Microsoft MVP: Windows Server - Networking
0
Why You Need a DevOps Toolchain

IT needs to deliver services with more agility and velocity. IT must roll out application features and innovations faster to keep up with customer demands, which is where a DevOps toolchain steps in. View the infographic to see why you need a DevOps toolchain.

 
LVL 16

Expert Comment

by:kshays
ID: 18812989
I take it that you haven't really configured gpo's at all?  If that is the case then be careful especially when modifying the "default domain policy" (if you do that).

Here is the link to download gpmc if you haven't done so already.
http://www.microsoft.com/windowsserver2003/gpmc/default.mspx

Once downloaded, install and go to administrative tools.  It should be listed in there.

Group policy tutorials:
http://www.2000trainers.com/tutorials/group-policy/
http://www.windowsnetworking.com/articles_tutorials/Group-Policy-Deploy-Applications.html

I've just listed a couple of sites for gpo's.  I would suggest creating some test OU's and test users first to  test the gpo's and after you have them working the way you want you can link them to the correct OU and put them into production use.

Kevin
0
 
LVL 1

Author Comment

by:James Hilloya
ID: 18815407
kshays you are correct but what I am trying to do seems to be very simple, I am just not sure how to do it. I have an OU where all of my XP machines are. I have an executable file on the server that I installs a program. I want to assign this program  to all XP machines as soon as the computer comes on. How do  I do that??
0
 
LVL 1

Author Comment

by:James Hilloya
ID: 18815426
I guess I will look at the links that you provided and go from there
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 18815436
First of all it's important to note that Software Installation in Group Policy requires an MSI file, not an EXE, so you'll need to use a packaging tool like WinInstall to create an MSI installer file.

Once you've done that, you'll create a GPO for your XP clients which includes the MSI file you created, using steps that have been detailed in the various tutorial links provided in previous posts in this thread.
0
 
LVL 1

Author Comment

by:James Hilloya
ID: 18815474
does windows 2003 server come with the WinInstall??
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 18815525
You can check your 2003 media to confirm, but I believe that this is now a third-party tool - there are certainly others in the same market, WinInstall just happens to be one that I'm familiar with.
0
 
LVL 16

Expert Comment

by:kshays
ID: 18815702
WinInstallLE comes on the Windows 2000 cd's I know of.  I haven't checked on my 2003 though.  I think it should be under support tools.  If using WinInstallLE make sure you reference everything by UNC.

Another program that is pretty nice is Advance Installer.
http://www.advancedinstaller.com/

I think what will help you out the most right now is to get familiar with GPO's and software distribution via the gpo's.  Once you get familiar with how gpo works and read through the links we have provided it will make much more sense to you, especially when you do it a few times and actually see it in action :)

Best of luck.

Kevin

0
 
LVL 1

Author Comment

by:James Hilloya
ID: 18815770
Thank You Kevin, from what i read i have to create the gpo and link it to the OU that has all of my xp machines.. then make sure that only the xp machines have the read and apply group policy permissions in the ACL.I hope I am on the right track, going to look into the advance installer now
0
 
LVL 16

Expert Comment

by:kshays
ID: 18816106
No problem.  Yes, you are correct.  It sounds like you are getting the idea :)

Kevin
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question