install apps through active directory and group policy editor

K

kev

This is probably a common question, but I searched few search engines,
but I couldn't find any good information about it. I am a UNIX admin,
but these days, few companies are cutting the budget, so I gained the duty
of maintaining the Active Directory. My question might be very simple to
some of you. How would I convert setup.exe or plain no setup applications
to msi, so I can install it on the client machines through the Active
Directory and Policy Manager? This is so easy in Linux using crontab and
package managers. This seems very difficult in Windows. Is it also,
possible to use batch files in the combination with msi to install the
applications in the background while users are working? How would I also
install Windows Updates through the Active Directory, so all these
machines don't have to constantly contact Microsoft?

Thank you so much ahead of time.
 
F

Florian Frommherz [MVP]

Howdie kev!
This is probably a common question, but I searched few search engines,
but I couldn't find any good information about it. I am a UNIX admin,
but these days, few companies are cutting the budget, so I gained the duty
of maintaining the Active Directory. My question might be very simple to
some of you. How would I convert setup.exe or plain no setup applications
to msi, so I can install it on the client machines through the Active
Directory and Policy Manager? This is so easy in Linux using crontab and
package managers. This seems very difficult in Windows. Is it also,
Click to expand...

Software Installation only works with MSI (Windows Installer) files. You
have two choices now:
(a) Use a tool like WininstallLE to snapshot the changes, the setup.exe
will do on a sample machine (both registry and file system) and let it
compile a MSI file for you.

(b) use a ZAP (Zero Administration Package, iirc) file to deploy the
..exe file through Active Directory. But this lacks of many features that
come with MSI like uninstall or repair...:
http://support.microsoft.com/kb/231747
possible to use batch files in the combination with msi to install the
applications in the background while users are working? How would I also
install Windows Updates through the Active Directory, so all these
machines don't have to constantly contact Microsoft?
Click to expand...

A Group Policy computer startup script (.cmd, .bat, .vbs) could be
possible. The script could call the .exe with any silence-parameters it
provides. Note that it must be a startup script since the script then
runs in the SYSTEM context and has sufficient priviledges to run the
setup. Make sure "Authenticated Users" have sufficient rights on the
share (computers are member of "Authenticated Users" as well).

Regarding your Windows Update wish - this is nothing I would do with
Group Policy and Active Directory. You could have a look at WSUS
(Windows Server Update Services) Server 3.0 (free download from
Microsoft) which provides a "central store" for Windows and Office
Updates in your network.
http://technet.microsoft.com/en-us/wsus/default.aspx

cheers,

Florian
 
K

kev

Howdie kev!


Software Installation only works with MSI (Windows Installer) files. You
have two choices now:
(a) Use a tool like WininstallLE to snapshot the changes, the setup.exe
will do on a sample machine (both registry and file system) and let it
compile a MSI file for you.

(b) use a ZAP (Zero Administration Package, iirc) file to deploy the
.exe file through Active Directory. But this lacks of many features that
come with MSI like uninstall or repair...:
http://support.microsoft.com/kb/231747


A Group Policy computer startup script (.cmd, .bat, .vbs) could be
possible. The script could call the .exe with any silence-parameters it
provides. Note that it must be a startup script since the script then
runs in the SYSTEM context and has sufficient priviledges to run the
setup. Make sure "Authenticated Users" have sufficient rights on the
share (computers are member of "Authenticated Users" as well).
Click to expand...

I following the instruction on various forums.
1. I divided OU based on the policy level.
2. Apply the policy on a seperate OU.
3. I launched the policy editor inside that OU.
4. I went to software installation and browsed to "shared folder" that
contained the msi file. It is set to install the app. From the
workstation, I made sure the share can be accessed.
5. msi application is set to assigned.
6. when i login from other computer that is on the same OU that I
assigned, nothing happens. I checked the start group and went to
ADD/REMOVE section, and I don't see the app.
7. I also tested with other MSI files.
8. The client machine has been rebooted.

What am I doing wrong?
 
K

kev

never mind. i found the solution after pulling so much of my hairs out.
the dns was pointed to our unix dns server instead of dns server on the
active directory.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

installing apps through active directory and group policy editor 3
Active directory and group policy Installation 1
Windows Server What can Active Directory Do? 6
need help with Group Policy 1
Group Policy Security Context 1
How apply Group policy in win2k Active directory 1
Windows 2000 group policy application installation order 2
Software Installation via Group Policy 4

Top