?
Solved

Deploying Service pack using Active Directory GPO to a specific user only.

Posted on 2009-05-05
7
Medium Priority
?
484 Views
Last Modified: 2013-12-12
Hi All,

Ive got several question regarding deploying an update (Office 2007 SP2 and some other Visio 2007 SP2 + Project 2007 SP2) using AD GPO.

1.      At the moment all of my user got Office 2007 that needs to be updated to SP2, shall I just create a GPO account and then apply it to the default Users OU ?
2.      Only some of the user got Visio and Project 2007 Installed (not all of them) how can I implement this update without visiting their desk and ask them to install the update manually ?

Thanks,
0
Comment
Question by:jjoz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 19

Assisted Solution

by:Mal Osborne
Mal Osborne earned 600 total points
ID: 24302221
Considered setting up a WSUS server?  This will automate all your patching.
0
 
LVL 21

Assisted Solution

by:JBlond
JBlond earned 600 total points
ID: 24302222
Is there a reason that you don't use WSUS for this?
http://technet.microsoft.com/en-us/wsus/default.aspx

It's free and does everything you asked for without dealing with scripts. After the installation you only have to point all your clients to the WSUS server using group policies and then you can approve the necessary updates on the WSUS server and the rest is done automatically.
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 800 total points
ID: 24302230
How do you normally deploy your patches?   Are you using WSUS, if you are you could use that for deploying office 2007 SP2
http://blogs.technet.com/wsus/archive/2009/04/09/the-2007-office-system-service-pack-2-coming-to-wsus-in-april.aspx
The 2007 Office System Service Pack 2 coming to WSUS in April
I haven't actually tested or tried to deploy office 2007 SP2 via GPO but for a GPO you have to link it to where the users are (usually domain or OU level)
When you say "default Users OU" is that the default users container in AD or do you have an OU with your users.  You won't be able to link a group policy to that Users container.
If you only want the GPO to apply to certain users you can either link the GPO at the OU (if those users are not in that OU)
The other way (probably what I'd do in this case is to use security filtering.  More on security filtering here:
http://adisfun.blogspot.com/2009/04/security-filtering-and-group-policy.html
Thanks
Mike
0
Get MySQL database support online, now!

At Percona’s web store you can order your MySQL database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card.

 
LVL 1

Author Comment

by:jjoz
ID: 24302257
To All,

usually i ask the user to install the update manually and i broadcast the announcement via email (sounds like a very primitive way of doing it :-| ) since

my WSUS is behaving strange by not listing the computer under the "All Computers".
0
 
LVL 21

Assisted Solution

by:JBlond
JBlond earned 600 total points
ID: 24302417
Then I suggest we try to troubleshoot your WSUS server instead of dealing with group policy scripts or let the users install the update on their own.

0
 
LVL 1

Author Comment

by:jjoz
ID: 24302491
yes i guess that is the correct way to do it :-|

conclusion: deploy it using WSUS.

Cheers.
0
 
LVL 1

Author Closing Comment

by:jjoz
ID: 31577909
Thanks for the suggestion.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
If you're a modern-day technology professional, you may be wondering if certifications are really necessary. They are. Here's why.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question