Best way to push Group Policy updates?

Posted on 2008-06-10
Last Modified: 2008-06-20
We are going to implement Group Policy.  In house is easy.  For our sales reps though, we are not sure if we make changes, how we are going to push those updates out to our reps.  They currently do not connect to the domain at all unless they happen to be in the office for a visit.  We are about to roll out all new laptops to them so the initial Group Policy will be deployed already on the laptops.  Its only the changes that we make after deployment that we are concerned about.  Any ideas or questions welcome.
Question by:acco_is
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 25

Expert Comment

ID: 21753714
without getting the machines to connect to the domain its not possible. Have you thought of using vpn to get them to connect and update that way

Author Comment

ID: 21753748
Our only problem is that our reps are not the quickest.  It would have to be something super simple for them or we have no guarantee that they will connect.  I was hoping that would be that last resort.
LVL 25

Expert Comment

ID: 21753789
well i did network permissioning for barclaycard and often had these scenarios and i never found a way around this other than implicity denying access and allowing where required.

The only way i can think of doing it would be removing the user from domain users and adding the user in directly but then you will click inheritence to follow and they will have access to lots more folders, try adding the permissions in one folder at a time, removing them from domain users group and adding their access in one level at a time, gonna be tricky though i would still want to be denying them rights to teh other folders
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.


Author Comment

ID: 21753793
As a side note....I didn't know if there was a way to force them to have to connect.  i.e. - Unless they connect to our network within every x number of day/weeks/months, their computer or Windows would not function in some way.
Or something that would prevent them from doing what they need until they connect.
LVL 25

Expert Comment

ID: 21753798
apologies i posted reply to wrong question hang on and ill try that again!!

Author Comment

ID: 21753815
Also FYI...they currently have a RAS connection that they can use to replicate in Lotus Notes.  But only a dozen use that as a last resource to replicate.
LVL 25

Accepted Solution

slam69 earned 125 total points
ID: 21753836
again unfortunately not, you can get them to log on using dial up networking, but its reliant on the user logging in in teh appropriate manner and wouldnt be a lot different to asking them to log in via vpn to obtain the gpo updates.

i would advise sitting down discussing the best possible gp setup for your laptop users and distribute that as an image so that they shoudlnt need updating, then enforce company policy that within a set number of days of them recieving an email instructing them to connect for an update they do it or face disciplinary.

Aide from that you have little or no options.. sorry bud sometimes its just not possible
LVL 48

Expert Comment

ID: 21755667
without a connection its not going to happen - its like wanting to receive email without using internet :)

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Automate Windows Updates with SCCM 2 82
ADFS Setup 4 41
Time sync on Domain 5 37
Move the SYSVOL and NTDS folder to another drive 5 32
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question