Solved

Best way to push Group Policy updates?

Posted on 2008-06-10
8
3,140 Views
Last Modified: 2008-06-20
We are going to implement Group Policy.  In house is easy.  For our sales reps though, we are not sure if we make changes, how we are going to push those updates out to our reps.  They currently do not connect to the domain at all unless they happen to be in the office for a visit.  We are about to roll out all new laptops to them so the initial Group Policy will be deployed already on the laptops.  Its only the changes that we make after deployment that we are concerned about.  Any ideas or questions welcome.
0
Comment
Question by:acco_is
  • 4
  • 3
8 Comments
 
LVL 25

Expert Comment

by:slam69
ID: 21753714
without getting the machines to connect to the domain its not possible. Have you thought of using vpn to get them to connect and update that way
0
 

Author Comment

by:acco_is
ID: 21753748
slam69:
Our only problem is that our reps are not the quickest.  It would have to be something super simple for them or we have no guarantee that they will connect.  I was hoping that would be that last resort.
0
 
LVL 25

Expert Comment

by:slam69
ID: 21753789
well i did network permissioning for barclaycard and often had these scenarios and i never found a way around this other than implicity denying access and allowing where required.

The only way i can think of doing it would be removing the user from domain users and adding the user in directly but then you will click inheritence to follow and they will have access to lots more folders, try adding the permissions in one folder at a time, removing them from domain users group and adding their access in one level at a time, gonna be tricky though i would still want to be denying them rights to teh other folders
0
 

Author Comment

by:acco_is
ID: 21753793
As a side note....I didn't know if there was a way to force them to have to connect.  i.e. - Unless they connect to our network within every x number of day/weeks/months, their computer or Windows would not function in some way.
Or something that would prevent them from doing what they need until they connect.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 25

Expert Comment

by:slam69
ID: 21753798
apologies i posted reply to wrong question hang on and ill try that again!!
0
 

Author Comment

by:acco_is
ID: 21753815
Also FYI...they currently have a RAS connection that they can use to replicate in Lotus Notes.  But only a dozen use that as a last resource to replicate.
0
 
LVL 25

Accepted Solution

by:
slam69 earned 125 total points
ID: 21753836
again unfortunately not, you can get them to log on using dial up networking, but its reliant on the user logging in in teh appropriate manner and wouldnt be a lot different to asking them to log in via vpn to obtain the gpo updates.

i would advise sitting down discussing the best possible gp setup for your laptop users and distribute that as an image so that they shoudlnt need updating, then enforce company policy that within a set number of days of them recieving an email instructing them to connect for an update they do it or face disciplinary.

Aide from that you have little or no options.. sorry bud sometimes its just not possible
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 21755667
without a connection its not going to happen - its like wanting to receive email without using internet :)
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Learn about cloud computing and its benefits for small business owners.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now