Deploying MSI's via GPO (Computer Container) dependant on Computer AD Group Membership


I have a custom MSI that I want to deploy to certain PCs. The PC's are across different OU's which have different policies associated with them.

In the past when the MSI has been user specific, I have put the users that need the app in a AD group, and then only given that group access to Apply the group policy - which works well.

However Im not interested in which user has the software, I just want it to go to certain PC's. I have tried putting the PCs into a AD group and applied the software in the Computer Container of the GPO - but it doesn't work.

How do I apply my MSI to certain PC's across the company using AD?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Hello, ncht.  I am going to need more info from you. What do the event logs say?
Did you recheck the permissions for these computers, assuming this msi installer package is on a network share?  The event logs on the dc and on the target pc's should clue us in to issue. Also, are there other GPO's in force on the domain that are might have priority over your software install policy?
Make sure the computers objects under the container you have applied to GP to and that those computers (or the group they are in) have access to the install files at the file level and share level.  Also make sure the installation is setup as a computer policy, not a user policy.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
nchtAuthor Commented:
Sorry my mistake - when I went back in to check, I noticed that I had applied the GPO to the User OU, and not the Computer OU. Becuase the policy was applied to the Computer and not the user it didnt work. I moved the policy to the Computer OU and it worked perfectly.

Thank you both for your comments and suggestions.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.