Solved

Best way to push Group Policy updates?

Posted on 2008-06-10
8
3,147 Views
Last Modified: 2008-06-20
We are going to implement Group Policy.  In house is easy.  For our sales reps though, we are not sure if we make changes, how we are going to push those updates out to our reps.  They currently do not connect to the domain at all unless they happen to be in the office for a visit.  We are about to roll out all new laptops to them so the initial Group Policy will be deployed already on the laptops.  Its only the changes that we make after deployment that we are concerned about.  Any ideas or questions welcome.
0
Comment
Question by:acco_is
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 25

Expert Comment

by:slam69
ID: 21753714
without getting the machines to connect to the domain its not possible. Have you thought of using vpn to get them to connect and update that way
0
 

Author Comment

by:acco_is
ID: 21753748
slam69:
Our only problem is that our reps are not the quickest.  It would have to be something super simple for them or we have no guarantee that they will connect.  I was hoping that would be that last resort.
0
 
LVL 25

Expert Comment

by:slam69
ID: 21753789
well i did network permissioning for barclaycard and often had these scenarios and i never found a way around this other than implicity denying access and allowing where required.

The only way i can think of doing it would be removing the user from domain users and adding the user in directly but then you will click inheritence to follow and they will have access to lots more folders, try adding the permissions in one folder at a time, removing them from domain users group and adding their access in one level at a time, gonna be tricky though i would still want to be denying them rights to teh other folders
0
MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

 

Author Comment

by:acco_is
ID: 21753793
As a side note....I didn't know if there was a way to force them to have to connect.  i.e. - Unless they connect to our network within every x number of day/weeks/months, their computer or Windows would not function in some way.
Or something that would prevent them from doing what they need until they connect.
0
 
LVL 25

Expert Comment

by:slam69
ID: 21753798
apologies i posted reply to wrong question hang on and ill try that again!!
0
 

Author Comment

by:acco_is
ID: 21753815
Also FYI...they currently have a RAS connection that they can use to replicate in Lotus Notes.  But only a dozen use that as a last resource to replicate.
0
 
LVL 25

Accepted Solution

by:
slam69 earned 125 total points
ID: 21753836
again unfortunately not, you can get them to log on using dial up networking, but its reliant on the user logging in in teh appropriate manner and wouldnt be a lot different to asking them to log in via vpn to obtain the gpo updates.

i would advise sitting down discussing the best possible gp setup for your laptop users and distribute that as an image so that they shoudlnt need updating, then enforce company policy that within a set number of days of them recieving an email instructing them to connect for an update they do it or face disciplinary.

Aide from that you have little or no options.. sorry bud sometimes its just not possible
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 21755667
without a connection its not going to happen - its like wanting to receive email without using internet :)
0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question