Solved

active directory group policy software installation

Posted on 2011-03-17
3
303 Views
Last Modified: 2012-05-11
I would like to distribute a package using group policy to a group of computers.

Can I set the policy on an organizational unit which contains a group whose members are the computers I want the software installed upon?  If so, should it be a security group or distribution group and what other considerations might there be?

Windows 2003 Server.
0
Comment
Question by:harveystephenb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 35160190
You would need to use a security group, assuming that your purpose is to limit the software installation to that group of computers. Also, in setting up the group policy, you need to be sure that you change the security settings on the policy itself to specify that security group as being the only group able to run the group policy. This setting is on the Scope tab when looking at the group policy in the GPMC, under Security Filtering.
0
 

Author Comment

by:harveystephenb
ID: 35160306
Just to clarify, the group policy is on the OU, and the only member of the OU is the security group with members to be computers on which this software should be installed.

The computer objects themselves are contained in other OUs.

Would you still say this should work?
0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 500 total points
ID: 35160370
Yes, it will still work.  The controlling factor is that you set the group policy so that only members of that security group can access (run) the policy. Actually, you don't even have to put the security group in a separate OU, unless you want to do this for clarity's sake in managing the policy. You can simply create the policy at the domain level and then specify in the Security Filtering section that only members of that security group can run the policy.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article is written by John Gates, CISSP. Gates, the SNUG President-Elect, currently holds the position of Manager of Information Systems at Lake Park High School in Roselle, Illinois.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question