i created a GPO on server to install a msi package but its not being installed on XP.

Yeah, makes no difference whatsoever whether you can ping the server, clearly, if that was down you'd have significant issues. Your issue here is GPO

Run GPresult /h c:\temp\results.html

Find your group policy with the software deployment

See why it's not running.

Also, check the event log for errors pertaining to group policy

Cheers

Alex

Hi Alex i run GPresult /h c:\temp\results.html a cmd window pop ups and went away immediately before i can see anything. so i checked the C drive there was no temp folder.
i am socked

you have to create the folder first

Try to deploy another software and come back with feedback.

It's important to know if the MSI fails to install or fails to run. Do you see any errors in the Event Viewer for it? Check if Domain Users have read access to the location of your MSI and try to access the path manually once logged in. This should clear fail to run.

Which is why checking the group policy results to see what's in fact applying is the most efficient way. Otherwise you could be looking for an installation that never started

@Anthony Janson
i checked event viewer and there is no log related to it so i think msi is failing to run.
yes i am able to access MSI package from domain users

@B.A i tried to deploy another software but it did not worked

@David Johnson, CD, MVP  have create temp folder on c drive still getting  no results by running gpresult

this is the error i am getting on event viewer


Event Type:      Error
Event Source:      AutoEnrollment
Event Category:      None
Event ID:      15
Date:            5/22/2017
Time:            4:20:30 AM
User:            N/A
Computer:      COMPUTER_1
Description:
Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b).  The specified domain either does not exist or could not be contacted.
  Enrollment will not be performed.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Words of another guy here in forum:

Go to the the local security policy of the workstation and set the following policies.

Computer Configuration\Windows Settings\Security Settings\Public Key Policies\Certificate Services Client - Certificate Enrollment Policy
Computer Configuration\Windows Settings\Security Settings\Public Key Policies\Certificate Services Client - Auto-Enrollment

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1054
Date:            5/22/2017
Time:            4:20:28 AM
User:            NT AUTHORITY\SYSTEM
Computer:      COMPUTER_1
Description:
Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

I found this solutions:

1. Disable auto enrollment certificate. If this won't help... go to the next point.
2. Check time and date on the computer and server.  If the date and time are same... go to the next point.
3. Remove the computer from domain and re-join.

@ B A, i tried all above options no one worked

Considering all provided info it must be somewhere in a way you deploy packages.

Stupid question but have you used UNC path?
Can you deploy packages to other computers without problem?
Did any deployment from a server work on this PC before?
Have you tried to re-create the policy?

Another possible solution:
1. Run gpedit.msc > Computer Configuration > Administrative Templates > System > Logon > Always wait for the network at computer startup and login > "Enable"
2. CMD Gpupdate /force on client
3. CMD: ipconfig /release /renew on client

Comment from another expert:

Seems this most often occurs when the network connection fails or has not completed before Windows tries to contact the domain controller. I see you have tried the GPO "fix". A couple of other ideas as food for thought;
- http://support.microsoft.com/default.aspx?scid=kb;en-us;840669#E6ADAAA
- assuming there is more than one network adapter (wired and wireless) check the network adapter binding order in advanced Network Connections, and make sure your adapter is at the top of the list
- It is possible a software firewall, if one is installed, might be blocking RPC or other network services. Disable any at least for testing purposes

@B A . yes i have use UNC path.
yes i am able to deploy on other PCs on network.
no, i connected this pc recently to domain so this is the first deployment  on this PC
yes i have recreated the policy many times but it did't worked

Have you really used this settings for the policy? "Do not enroll certificates automatically"

yes i have done this

To be clear, no one of your packages applies to the WinXP client, right?

To be continued... (tomorrow)

yes, no one of my packages applies to the WinXP client.
wait for you tomorrow

i am disabling  auto enrollment certificate on client pc, did you mean to do on server?

Your Win XP systems have a problem with connecting to the domain more. Disabling Automatic Certificate has nothing to do with that, as once disabled, it has another error where it cannot connect to the DC.

If you run nslookup in cmd, does it say a NetBIOS server? If you ping that server, do you get an answer back? Are the DNS settings set up in your LAN connection (DNS suffixes)? Can you ping any random server?

Is there a DC available in the subnet of the XP Clients? Or are they connecting to a DC outside their subnet or even outside their LAN?

No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

Accept: B A (https:#a42146493)

If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

seth2740
Experts-Exchange Cleanup Volunteer