troubleshooting Question

SOFTWARE installation using GPO doesn't work...

Avatar of philjans
philjansFlag for Canada asked on
Active DirectoryInstallationWindows 10AzureWindows Server 2016
4 Comments1 Solution488 ViewsLast Modified:
Trying to install by GPO CarbonBlack but it doesn't work,
I am following their procedure:
To deploy sensors using Group Policy:
1. Click Start > Administrative Tools > Group Policy Management.
2. Go to Forest: YOURDOMAIN > Domains > YOURDOMAIN > Group Policy Objects.
3. Right-click the Group Policy Objects folder and click New.
4. Type a name for the new Group Policy Object (GPO).
5. In the Group Policy Objects folder, click the new GPO.
6. In the bottom right pane, remove the Authenticated Users entry from the Security
Filtering box.
7. To deploy the sensors on specific computers only, add all of the specific computer
names that you want the sensor to be deployed on. To deploy sensors on all
computers in the domain, add the group "Domain Computers". Right-click the
YOURDOMAIN folder in the Navigation pane. Click Link an existing GPO. Click the new
GPO and click OK.
8. Right-click the GPO in the Group Policy Objects folder and click Edit.
9. In the new window, go to Computer Configuration > Policies > Software Settings >
Software installations. Right-click inside the empty pane on the right and go to New
> Software Package. In the new window that appears, go to the share that you
10. Under Deployment method, click Advanced.
11. Add an easily identifiable package name (for example, DefenseSensor32).
12. For a 32-bit .msi file only, in the Deployment tab, click Advanced and deselect Make
this 32-bit x86 application available to Win64 machines. Click OK.
13. Click the Modifications tab and click Add.
14. Select the .mst file that you created in the previous procedure.
15. Save your changes.
Chapter 3: Deploy and Manage Sensors
Cb Defense User Guide v2.2.2 34
16. Deploy sensors: if you use a script to force a reboot to update the policy objects, run
the script.
17. To verify that sensors are deploying correctly, check the console periodically to verify
that sensor information is populating and that the sensors are checking in regularly.

I see in gpresult /R that the strategie is there
The files are located on a share on my file server and the permissions are everyone read on the share and everyone read in the Security

But in even viewer system I get:

event id 108 %%1612
event id 303 successfull
event id 102 failed %%1612
event id 301 successfull

I also tried putting it in the gpo under Users instead of Computers same thing.

I don't know why the procedure ask to remove in step 6 the permissions also... And why under Computer instead of Users?
Jeff Glover
Sr. Systems Administrator

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 4 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 4 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros