Microsoft 2008 R2 Group Policy Objects
I have packaged a MSI. from a .EXE
I now want to deploy the MSI via group policy to all computers I have in a specific OU.
What is the best practice in deploying this MSI via GPO?
I want to deploy to computers not users, and want no interaction from the user.
I want to install automatically via GPO.
How do I go about doing that?
Should I use assigned or Published?
Thanks
I now want to deploy the MSI via group policy to all computers I have in a specific OU.
What is the best practice in deploying this MSI via GPO?
I want to deploy to computers not users, and want no interaction from the user.
I want to install automatically via GPO.
How do I go about doing that?
Should I use assigned or Published?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
So when I 'assign' to a computer, your saying the computer either has to be rebooted & have the user logon.
Is there anyway to just deploy the MSI via assigned to a computer, and have it automatially install, without rebooting the machine and the user logging into the server.
My other question when I packaged this MSI, and tested it installing it manually, I had to press > Next > Next > Next,,,, etc.....
Will this install automatically via GPO? If not what do I need to install this package without user intervention?
I am just learning this GPO stuff.
thanks
Is there anyway to just deploy the MSI via assigned to a computer, and have it automatially install, without rebooting the machine and the user logging into the server.
My other question when I packaged this MSI, and tested it installing it manually, I had to press > Next > Next > Next,,,, etc.....
Will this install automatically via GPO? If not what do I need to install this package without user intervention?
I am just learning this GPO stuff.
thanks
When you assign to the computer (which you should) you would have to REBOOT the computer - that is the only way to deploy a computer assigned package.
GPO will automatically add the "/QN" switch when deploying.
There is no way to schedule distributions - GPO software deployment was intended as a very small shop method of software distribution. When it was introduced (Windows 2000) Microsoft removed SMS (now SCCM) from their small company offering called "Back Office" at the time (now SBS). SMS was overkill for small organizations up to 500 seats.
A very good alternative that is what GPO should have been (and was generally assumed to be) is SpecOps Deploy (http://www.specopssoft.com/products/specops-deploy). SpecOps does everything through Group Policy (both for Admin and for servicing clients), but has some status reportings, can send EXEs and many, many other things.
There are also some cheap and free cloud alternatives. Microsoft Intune is cheap and can also give you access to MDOP (app-v) without an MS support agreement:
http://www.pcworld.com/businesscenter/article/242081/its_like_microsoft_is_giving_windows_intune_20_away_for_free.html
http://www.microsoft.com/en-us/windows/windowsintune/faq/default.aspx
ManageEngine has an affordable pricing model: http://www.manageengine.com/products/desktop-central/windows-software-installation.html
BruteSoft has a free license for up to 10, then $1/month per machine - cheaper if you subscribe a year: https://www.brutesoft.com/#pricing
GPO will automatically add the "/QN" switch when deploying.
There is no way to schedule distributions - GPO software deployment was intended as a very small shop method of software distribution. When it was introduced (Windows 2000) Microsoft removed SMS (now SCCM) from their small company offering called "Back Office" at the time (now SBS). SMS was overkill for small organizations up to 500 seats.
A very good alternative that is what GPO should have been (and was generally assumed to be) is SpecOps Deploy (http://www.specopssoft.com/products/specops-deploy). SpecOps does everything through Group Policy (both for Admin and for servicing clients), but has some status reportings, can send EXEs and many, many other things.
There are also some cheap and free cloud alternatives. Microsoft Intune is cheap and can also give you access to MDOP (app-v) without an MS support agreement:
http://www.pcworld.com/businesscenter/article/242081/its_like_microsoft_is_giving_windows_intune_20_away_for_free.html
http://www.microsoft.com/en-us/windows/windowsintune/faq/default.aspx
ManageEngine has an affordable pricing model: http://www.manageengine.com/products/desktop-central/windows-software-installation.html
BruteSoft has a free license for up to 10, then $1/month per machine - cheaper if you subscribe a year: https://www.brutesoft.com/#pricing
ASKER
I understand the computer has to be rebooted in order to install the package.
Now let me think outside the box:
what about a powershell script or a batch file to run the installation of the MSI package?
FYI: I'm real green at GPO's.
Now let me think outside the box:
what about a powershell script or a batch file to run the installation of the MSI package?
FYI: I'm real green at GPO's.
That would cause the first part of your MSI to run in the context of the user credentials.
If they are not administrators so that they can answer the UAC prompt, the package will not install successfully.
GPO installs using the system account - so this is a non-issue in that case.
If they are not administrators so that they can answer the UAC prompt, the package will not install successfully.
GPO installs using the system account - so this is a non-issue in that case.
Forgot to mention that if the desktop is XP, they still need to be administrators.
ASKER
The MSI package installed I get this message, but it did not start the service.
Application 'C:\Program Files (x86)\Ocs Inventory Agent\OcsSystray.exe' (pid 2348) cannot be restarted - Application SID does not match Conductor SID..
Event ID: 10010
I do not see much on this when I do a search
Application 'C:\Program Files (x86)\Ocs Inventory Agent\OcsSystray.exe' (pid 2348) cannot be restarted - Application SID does not match Conductor SID..
Event ID: 10010
I do not see much on this when I do a search
Sounds like the package triggered a reboot which was denied by OcsSystray.exe and that the package was relying on a restart to start the service.
ASKER
Can you put that in English > GPO requires a reboot because it is assigned > computer.
So I rebooted the machine.
So I rebooted the machine.
"You can assign it to a computer or publish it to a user. When published to a user the software is not installed but made available through add and remove programs."
http://www.petri.co.il/forums/showthread.php?t=23146