Avatar of techgenious
techgeniousFlag for United States of America

asked on 

Microsoft 2008 R2 Group Policy Objects

I have packaged a MSI. from a .EXE

I now want to deploy the MSI via group policy to all computers I have in a specific OU.

What is the best practice in deploying this MSI via GPO?
I want to deploy to computers not users, and want no interaction from the user.
I want to install automatically via GPO.

How do I go about doing that?

Should I use assigned or Published?

Windows Server 2008

Avatar of undefined
Last Comment
Avatar of itnetworkn
Flag of United States of America image

If you read through this thread it should answer your questions. Let me know if I can help further.

"You can assign it to a computer or publish it to a user. When published to a user the software is not installed but made available through add and remove programs."

Avatar of CSI-Windows_com
Flag of United States of America image

Blurred text
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of techgenious
Flag of United States of America image


So when I 'assign' to a computer, your saying the computer either has to be rebooted & have the user logon.

Is there anyway to just deploy the MSI via assigned to a computer, and have it automatially install, without rebooting the machine and the user logging into the server.

My other question when I packaged this MSI, and tested it installing it manually, I had to press > Next > Next > Next,,,, etc.....

Will this install automatically via GPO?   If not what do I need to install this package without user intervention?

I am just learning this GPO stuff.

When you assign to the computer (which you should) you would have to REBOOT the computer - that is the only way to deploy a computer assigned package.

GPO will automatically add the "/QN" switch when deploying.

There is no way to schedule distributions - GPO software deployment was intended as a very small shop method of software distribution.  When it was introduced (Windows 2000) Microsoft removed SMS (now SCCM) from their small company offering called "Back Office" at the time (now SBS).  SMS was overkill for small organizations up to 500 seats.

A very good alternative that is what GPO should have been (and was generally assumed to be) is SpecOps Deploy (http://www.specopssoft.com/products/specops-deploy).  SpecOps does everything through Group Policy (both for Admin and for servicing clients), but has some status reportings, can send EXEs and many, many other things.

There are also some cheap and free cloud alternatives.  Microsoft Intune is cheap and can also give you access to MDOP (app-v) without an MS support agreement:

ManageEngine has an affordable pricing model: http://www.manageengine.com/products/desktop-central/windows-software-installation.html

BruteSoft has a free license for up to 10, then $1/month per machine - cheaper if you subscribe a year: https://www.brutesoft.com/#pricing
Avatar of techgenious
Flag of United States of America image


I understand the computer has to be rebooted in order to install the package.

Now let me think outside the box:

what about a powershell script or a batch file to run the installation of the MSI package?
FYI:  I'm real green at GPO's.
That would cause the first part of your MSI to run in the context of the user credentials.  

If they are not administrators so that they can answer the UAC prompt, the package will not install successfully.

GPO installs using the system account - so this is a non-issue in that case.
Forgot to mention that if the desktop is XP, they still need to be administrators.
Avatar of techgenious
Flag of United States of America image


The MSI package installed I get this message, but it did not start the service.

Application 'C:\Program Files (x86)\Ocs Inventory Agent\OcsSystray.exe' (pid 2348) cannot be restarted - Application SID does not match Conductor SID..

Event ID:  10010

I do not see much on this when I do a search
Sounds like the package triggered a reboot which was denied by OcsSystray.exe and that the package was relying on a restart to start the service.
Avatar of techgenious
Flag of United States of America image


Can you put that in English >  GPO requires a reboot because it is assigned > computer.
So I rebooted the machine.
Windows Server 2008
Windows Server 2008

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Top Experts
Get a personalized solution from industry experts
Ask the experts
Read over 600 more reviews


IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo