Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 560
  • Last Modified:

GPO - Computer vs User ?

How to decide which to use is my question when for exmaple doing a sw install to users.  I am thinking do it as a computer policy and apply it to the computers that add to a group.   That said what is the best way to decide. The sw needs to install and stay put on the machine, while our users do somtimes go from machine to machine and can work fine due to folder redirection adn syncing setup.   Trying to figure out how best to decide and what if any is best practice when doing sw install/deployments for example.  Thx
0
dee30
Asked:
dee30
  • 2
3 Solutions
 
KCTSCommented:
First - GPOs are applied to OUs - not to groups - so you need to put your computers and/or users into OUs not groups (OK you can use security filtering based on groups, but its a bit of a kludge and not the recommended way of doing things)

You can publish software to users which gives the user the a say in wether its installed or not - you can also assign software to users and computers- which gives them no choice in the matter. Not you can't publish to computers.

Generally, if the computer needs the software on it regardless of who is using it, then assign the software to the computer.

If the user must have the software regardless of which computer they are using, then assign or publish to users.

0
 
geowrianCommented:
@KCTS
Very well said, but I will note that you can publish or assign software to computers via loopback processing. I wouldn't recommend this except for certain specific circumstances. For instance, I work in higher education, so loopback policies come in handy for computer labs. They make management of the systems easier, as well as help limit the number of licenses required (~200 computers versus >5000 users).
0
 
dee30Author Commented:
Thx
0
 
dee30Author Commented:
thx
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now