GPO wont install...

Posted on 2012-09-13
Last Modified: 2013-01-25
Hi everyone,
I created a GPO as assigned and the .msi is in a share that the everyone and domain users group have full control, they also have full control on the security permissions on the folder and the same permissions on the gpo. I ran gpupdate on the client computer and tried many times and it still doesnt install. From the client cmputer I can directly access the share by \\servername\share\.msi
On the client computer I ran gpresult /H gpreort.html and I get an error that says:
"Software Installation failed due to the error listed below.
 The installation source for this product is not available.
Verify that the source exists and that you can access it."
I've deleted and recreated the share many times and tried different machines and still no go.
I receive this in the Windows application log on the Domain Controller where the GPO is installed.
1. Software Installation encountered an unexpected error while reading from the MSI file \\abc-123\company\Shared\Adobe Flash Player\install_flash_player_11_active_x.msi.  The error was not serious enough to justify halting the operation.  The following error was encountered: The operation completed successfully.
2. Beginning a Windows Installer transaction: \\abc-123\company\Shared\Adobe Flash Player\install_flash_player_11_active_x.msi. Client Process Id: 2292.
3. Ending a Windows Installer transaction: \\abc-123\company\Shared\Adobe Flash Player\install_flash_player_11_active_x.msi. Client Process Id: 2292.
Any suggestions? Thanks.
Question by:tolinrome
    LVL 11

    Expert Comment

    Try adding 'Authenticated Users' to the share with read permissions. As the computer accounts are also security principal In AD and they should also have permission on the .msi location.

    Also to check if your .msi file is corrupt or not,  you need to run the .msi manually on a machine and it install with issues you are good to go.
    LVL 2

    Expert Comment



    A few things to check.


    First, are you specifying a share to the binary you want to install, or a local path?

    Example:  c:\directory\file.msi would be incorrect.

    \\servershare\directory\file.msi would be correct.


    Second, have you checked your firewall settings?


    Third, do all necessary accounts have access to the share where the msi file is found?


    LVL 7

    Author Comment

    Authenticated users have "Co-owner" permissions on the share, domain computers security group has full control on the msi file.

    the msi file is on a server share - \\servername\share\install_flash_player_11_active_x.msi

    firewall is off. authenticated users, domain users, domain computers, everyone, have full control on the msi file, the security permissions on the folder and co-owner on the share.
    LVL 7

    Author Comment

    LVL 11

    Accepted Solution

    Have you tried running MSI package with admin switch


    msiexec (msipath) /a via group policy
    LVL 7

    Author Comment

    I don't understand what you mean,please explain?
    LVL 7

    Author Comment

    I have tried this which didnt help:

    C:\Users\hrice>psexec \\ -u abc\admin -p password!! msiexec /i "\\abc-fs\comp
    any\IT\Shared\Adobe Flash Player\install_flash_player_11_active_x.msi\install_flash_play
    er_active_x.msi" /qn

    PsExec v1.98 - Execute processes remotely
    Copyright (C) 2001-2010 Mark Russinovich
    Sysinternals -

    T h i s   i n s t a l l a t i o n   p a c k a g e   c o u l d   n o t   b e   o p e n e d
    .     V e r i f y   t h a t   t h e   p a c k a g e   e x i s t s   a n d   t h a t   y o
    u   c a n   a c c e s s   i t ,   o r   c o n t a c t   t h e   a p p l i c a t i o n   v
    e n d o r   t o   v e r i f y   t h a t   t h i s   i s   a   v a l i d   W i n d o w s
    I n s t a l l e r   p a c k a g e .
     msiexec exited on with error code 1619.
    LVL 10

    Expert Comment

    by:Gajendra Rathod

    \\ (IP address or FQDN  of the share server)\share\.msi

    First try with IP address.

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Join & Write a Comment

    Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
    If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
    This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now