Solved

GPO - Computer vs User ?

Posted on 2011-09-19
4
542 Views
Last Modified: 2012-05-12
How to decide which to use is my question when for exmaple doing a sw install to users.  I am thinking do it as a computer policy and apply it to the computers that add to a group.   That said what is the best way to decide. The sw needs to install and stay put on the machine, while our users do somtimes go from machine to machine and can work fine due to folder redirection adn syncing setup.   Trying to figure out how best to decide and what if any is best practice when doing sw install/deployments for example.  Thx
0
Comment
Question by:dee30
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 250 total points
ID: 36563628
First - GPOs are applied to OUs - not to groups - so you need to put your computers and/or users into OUs not groups (OK you can use security filtering based on groups, but its a bit of a kludge and not the recommended way of doing things)

You can publish software to users which gives the user the a say in wether its installed or not - you can also assign software to users and computers- which gives them no choice in the matter. Not you can't publish to computers.

Generally, if the computer needs the software on it regardless of who is using it, then assign the software to the computer.

If the user must have the software regardless of which computer they are using, then assign or publish to users.

0
 
LVL 12

Assisted Solution

by:geowrian
geowrian earned 250 total points
ID: 36564494
@KCTS
Very well said, but I will note that you can publish or assign software to computers via loopback processing. I wouldn't recommend this except for certain specific circumstances. For instance, I work in higher education, so loopback policies come in handy for computer labs. They make management of the systems easier, as well as help limit the number of licenses required (~200 computers versus >5000 users).
0
 

Accepted Solution

by:
dee30 earned 0 total points
ID: 36567007
Thx
0
 

Author Closing Comment

by:dee30
ID: 36594665
thx
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question