G DATA TechPaper #0204
Installing G Data Security Client using GPOs and logon scripts

G DATA Service Team
TechPaper_0204_04_03_2015

Table of Contents

1. Introduction
2. Creating a Security Client installation package
3. Creating the batch files
  3.1. Installation without Firewall
  3.2. Installation with Firewall
4. Creating the GPOs

Copyright 2015 G DATA Software AG

1. Introduction

GPOs only work with Windows 2000 and above and therefore will not work with older clients such as Windows 95/98 or Windows NT. GPOs can be assigned to either users or computer objects. GPOs can be linked to OUs, Site or Domain levels, meaning that with one GPO you can assign a logon script to all your users or computers or to specific organizational units within your Active Directory.

2. Creating a Security Client installation package

The first step to take is to create an installation package in G Data Administrator.

  1. Create a shared folder on the main ManagementServer and share this with all users giving them Read permissions. This folder will contain the G Data Security Client installation package and must be accessible by all PCs that the package will be installed to. In this example a folder called GDClient is used.
  2. Open G Data Administrator and select ORGANIZATION > CREATE G DATA SECURITY CLIENT INSTALL PACKAGE.
  3. In the information window that opens click on OK.
  4. In the SELECT INSTALLATION LANGUAGE window select the ManagementServer that the clients will be managed by in the field PLEASE SELECT A MANAGEMENTSERVER. Select the correct language for the client installation package and click OK.
  5. In the window SELECT STORAGE LOCATION select the folder that was previously created and click OK. The client installation package will be created in the background.

3. Creating the batch files

Two separate batch files are required if G Data Security Client is to be installed either with or without the firewall. The batch files will check for the existence of G Data Security Client. If already installed the installation will terminate.

3.1. Installation without Firewall

  1. On the Domain Controller open Notepad.
  2. Insert the following lines:

     REG QUERY HKLM\SYSTEM\CurrentControlSet\services\AVKWCtl /v ErrorControl
     if %errorlevel% EQU 1 (call \\<MMS hostname or IP>\GDClient\GDClientPck.exe)

  3. Save this file with the name GDClient_NO_FW.bat to the folder C:\Windows\SYSVOL\domain\scripts.

3.2. Installation with Firewall

  1. On the Domain Controller open Notepad.
  2. Insert the following lines:

     REG QUERY HKLM\SYSTEM\CurrentControlSet\services\AVKWCtl /v ErrorControl
     if %errorlevel% EQU 1 (call \\<MMS hostname or IP>\GDClient\GDClientPck.exe /FW)

  3. Save this file with the name GDClient_WITH_FW.bat to the folder C:\Windows\SYSVOL\domain\scripts.

4. Creating the GPOs

At this point it must be decided which installation script will be applicable for which computers. A GPO can be created for either all computer objects in the domain or specific organizational units. In this example the G Data Security Client will be installed including the firewall to laptop computers in a selected organizational unit.

  1. On the Domain Controller open ADMINISTRATIVE TOOLS > GROUP POLICY MANAGEMENT.
  2. Select the OU that contains the computer objects that the package will be installed to.
  3. Right click the selected OU and select CREATE A GPO IN THIS DOMAIN, AND LINK IT HERE.
  4. Give the new GPO a descriptive name and click OK.
  5. Right click the newly created GPO and select EDIT.
  6. In the Group Policy Management Editor window in the left-hand pane expand COMPUTER CONFIGURATION > POLICIES > WINDOWS SETTINGS and select SCRIPTS (STARTUP/SHUTDOWN).
  7. In the right-hand pane double click STARTUP.
  8. In the Startup Properties window select ADD.
  9. Select the batch file previously created in C:\Windows\SYSVOL\domain\scripts\GDClient_WITH_FW.bat
  10. Change the absolute path to the UNC path. Example: \\192.168.1.2\SYSVOL\domain\scripts\GDClient_WITH_FW.bat. Click APPLY and OK.
  11. Close the Group Policy Management Editor window.

Any client logging in to the domain will now receive the new GPO and the G Data Security Client will be installed.

Note: As the presence of an existing installation is not checked using this routine, it is necessary to integrate a procedure for checking the presence of the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\G DATA\AVKClient (64 bit systems) or HKEY_LOCAL_MACHINE\SOFTWARE\G DATA\AVKClient (32 bit systems). If this key exists then no attempt will be made to install the client and the 350 MB client installation files will not be copied to the client.
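
The registry check called for in the note above, combined with the service check from section 3, written as a single startup script. This is an added example, not part of the original TechPaper and not G DATA's own script; the variable names and the log file path are assumptions, and the server placeholder must be replaced before use.

```batch
@echo off
setlocal
rem Added example. Replace the placeholder with the ManagementServer name or IP.
set "MMS=<MMS hostname or IP>"
set "PKG=\\%MMS%\GDClient\GDClientPck.exe"
rem /FW installs the firewall as well; leave OPTS empty for the no-firewall variant.
set "OPTS=/FW"
rem Assumption: log location chosen for this example only.
set "LOG=%SystemRoot%\Temp\GDClient_install.log"

rem 1. Skip if either client registry key named in the note exists
rem    (32-bit path first, then the Wow6432Node path used on 64-bit systems).
for %%K in ("HKLM\SOFTWARE\G DATA\AVKClient" "HKLM\SOFTWARE\Wow6432Node\G DATA\AVKClient") do (
    reg query "%%~K" >nul 2>&1 && (
        >>"%LOG%" echo %DATE% %TIME% found "%%~K", skipping install
        exit /b 0
    )
)

rem 2. Skip if the client service key checked in section 3 exists.
reg query "HKLM\SYSTEM\CurrentControlSet\services\AVKWCtl" /v ErrorControl >nul 2>&1 && (
    >>"%LOG%" echo %DATE% %TIME% AVKWCtl service key present, skipping install
    exit /b 0
)

rem 3. Fail early, and visibly in the log, if the share is unreachable.
if not exist "%PKG%" (
    >>"%LOG%" echo %DATE% %TIME% package "%PKG%" not reachable, aborting
    exit /b 1
)

rem 4. Run the package and record whatever exit code it returns.
call "%PKG%" %OPTS%
>>"%LOG%" echo %DATE% %TIME% installer returned %errorlevel%
exit /b %errorlevel%
```

Startup scripts run as Local System, so write access to the GDClient share and to the script in SYSVOL should stay restricted to administrators, with Read for everyone else as described in section 2.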