Test Note Phone Manager Deployment Windows Group Policy Sever 2003 and XP SPII Clients



Similar documents
Distributing SMS v2.0

Active Directory Software Deployment

Installation Manual (MSI Version)

DeviceLock Management via Group Policy

Promap V4 ActiveX MSI File

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

DeviceLock Management via Group Policy

SARANGSoft WinBackup Business v2.5 Client Installation Guide

4cast Client Specification and Installation

TECHNICAL DOCUMENTATION SPECOPS DEPLOY / APP 4.7 DOCUMENTATION

PC Power Down. MSI Deployment Guide

XMap 7 Administration Guide. Last updated on 12/13/2009

Lab A: Deploying and Managing Software by Using Group Policy Answer Key

ACTIVE DIRECTORY DEPLOYMENT

Using Group Policies to Install AutoCAD. CMMU 5405 Nate Bartley 9/22/2005

HOW TO SILENTLY INSTALL CLOUD LINK REMOTELY WITHOUT SUPERVISION

Administration Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

Installing Client GPO Software

How to deploy Arkeia Network Backup v10 on Windows Server 2008 and later with a domain

DigitalPersona Pro Server for Active Directory v4.x Quick Start Installation Guide

Deploying Software with Group Policy Whitepaper

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE

Create, Link, or Edit a GPO with Active Directory Users and Computers

DriveLock Quick Start Guide

2. Using Notepad, create a file called c:\demote.txt containing the following information:

Chapter. Managing Group Policy MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:

Group Policy for Beginners

Version 5.0. SurfControl Web Filter for Citrix Installation Guide for Service Pack 2

User Document. Adobe Acrobat 7.0 for Microsoft Windows Group Policy Objects and Active Directory

STATISTICA VERSION 9 STATISTICA ENTERPRISE INSTALLATION INSTRUCTIONS FOR USE WITH TERMINAL SERVER

NetIQ Advanced Authentication Framework. FIDO U2F Authentication Provider Installation Guide. Version 5.1.0

MailStore Outlook Add-in Deployment

Windows Clients and GoPrint Print Queues

Sharpdesk V3.5. Push Installation Guide for system administrator Version

Installation Guide - Client. Rev 1.5.0

Autograph 3.3 Network Installation

White Paper. Network Installation of ScanSoft PDF Create! 2

Shellfire L2TP-IPSec Setup Windows XP

Comodo MyDLP Software Version 2.0. Endpoint Installation Guide Guide Version Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013

Adobe Acrobat 9 Deployment on Microsoft Windows Group Policy and the Active Directory service

Installation Guide. . All right reserved. For more information about Specops Inventory and other Specops products, visit

How To Install Outlook Addin On A 32 Bit Computer

Technical Reference: Deploying the SofTrack MSI Installer

How to Configure Terminal Services for Pro-Watch in Remote Administration Mode (Windows 2000)

STATISTICA VERSION 11 CONCURRENT NETWORK LICENSE WITH BORROWING INSTALLATION INSTRUCTIONS

ms-help://ms.technet.2005mar.1033/security/tnoffline/security/smbiz/winxp/fwgrppol...

safend a w a v e s y s t e m s c o m p a n y

NetIQ Advanced Authentication Framework - Administrative Tools. Installation Guide. Version 5.1.0

SmartDraw Installation Guide

Automating client deployment

Both MS Windows 2000 Server and MS System Management Server (SMS) support this type of network installation.

STATISTICA VERSION 10 STATISTICA ENTERPRISE SERVER INSTALLATION INSTRUCTIONS

TeamViewer MSI - Installation instructions to deploy. TeamViewer to your network. Revision TeamViewer b

How to monitor AD security with MOM

These guidelines can dramatically improve logon and startup performance.

Installation Instruction STATISTICA Enterprise Server

Web-Access Security Solution

SAS Installation via the Client-Server Image (CAHNRS Site License)

Specops Command. Installation Guide

PowerMapper/SortSite Desktop Deployment Guide v Introduction

Password Manager Windows Desktop Client

SecurEnvoy Windows Login Agent

Deployment of Keepit for Windows

ContentWatch Auto Deployment Tool

XEROX, The Document Company, the stylized X, and the identifying product names and numbers herein are trademarks of XEROX CORPORATION.

Moving the TRITON Reporting Databases

Installation Instruction STATISTICA. Concurrent Network License with Borrowing Domain Based Registration

Snow Inventory. Installing and Evaluating

Installation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

NetWrix Password Manager. Quick Start Guide

Symantec AntiVirus Corporate Edition Patch Update

Table of Contents. Table of Contents Installation overview Create a Group Policy Object and Deploy SmartAgentSetup MSI package...

Installation Instruction STATISTICA Enterprise Small Business

Changing Your Cameleon Server IP

Sophos Anti-Virus for NetApp Storage Systems user guide. Product version: 3.0

Moving the Web Security Log Database

Deploying the DisplayLink Software using the MSI files

Virtual Office Remote Installation Guide

VERITAS Backup Exec 9.1 for Windows Servers Quick Installation Guide

NETWRIX WINDOWS SERVER CHANGE REPORTER

User Guide. Version 3.2. Copyright Snow Software AB. All rights reserved.

Active Directory Integration Guide

Outpost Network Security

SafeWord Domain Login Agent Step-by-Step Guide

Module 8: Implementing Group Policy

Sophos Anti-Virus for NetApp Storage Systems startup guide

How To Configure CU*BASE Encryption

Sophos Cloud Migration Tool Help. Product version: 1.0

ENABLE LOGON/LOGOFF AUDITING

User Management Tool 1.6

DisplayLink Corporate Install Guide

Aspera Connect User Guide

How to - Install EventTracker and Change Audit Agent

OUTLOOK ADDIN V1.5 ABOUT THE ADDIN

DESLock+ Basic Setup Guide Version 1.20, rev: June 9th 2014

Contents 1. Introduction 2. Security Considerations 3. Installation 4. Configuration 5. Uninstallation 6. Automated Bulk Enrollment 7.

Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide

Windows Firewall Configuration with Group Policy for SyAM System Client Installation

Transcription:

Test Note Phone Manager Deployment Windows Group Policy Sever 2003 and XP SPII Clients Note: I have only tested these procedures on Server 2003 SP1 (DC) and XP SPII client, in a controlled lab environment, I will not be held responsible for issues arising from editing the Default Domain Policy or any other GPO created. If you do not know what you are doing I suggest that you do not perform these procedures on a customer s network. You may wish to involve the IT administrator onsite to review this document and carry out procedures contained. Note: You have be warned Created by Mr IPO www.iporesource.com

Background Group Policy Software Deployment No one likes the idea of manually installing new versions of applications onto each individual PC in the office. Fortunately, you don t have to. In this article, I will explain how to use the Active Directory to deploy applications, even if those applications don t come with a Windows installer package. One of the biggest chores that administrators have to deal with is application lifecycle management. Whether an office has 20 PCs or 20,000, no one likes the idea of going from machine to machine with an installation CD every time a new version of an application is released. There are programs that are designed to help administrators manage applications across a network, but most tend to be overly complicated and expensive. Microsoft s SMS Server for example costs $1,219, not counting the necessary Windows Server license or additional client access licenses beyond the ten that the product comes with. What you might not realize though is that Windows Server contains tools that you can use to deploy applications throughout your organization without having to buy any third party software. I will tell you up front though that the built in software deployment tools are not as good as what you would get in a third party application. Therefore, if you already have a copy of SMS Server or something similar, you will probably want to keep using it. Before We Begin The technique that I m about to show you will allow you to deploy applications through the Active Directory. One of the major limitations behind this type of application deployment is that you can only use this technique to deploy certain types of applications. Specifically, you can install Windows Installer packages (.MSI files), Transform Files (.MST files), and patch files (.MSP files). A few years ago, this limitation was a major hurdle because almost no one packaged applications in the three supported file types. You could use the Active Directory to deploy Microsoft Office, but that was about it. Today, it s common for applications to include a Windows installer package (a.msi file), so it s a lot easier to deploy applications through the Active Directory than it used to be. Even if the application that you want to deploy doesn t include a Windows Installer package, you aren t completely out of luck. It s possible to make your own MSI file for an existing application. Publishing and Assigning Applications As you may already know, in an Active Directory environment, group policies are the main component of network security. Group policy objects can be applied either to users or to computers. Deploying applications through the Active Directory is also done through the use of group policies, and therefore applications are deployed either on a per user basis or on a per computer basis. There are two different ways that you can deploy an application through the Active Directory. You can either publish the application or you can assign the application. You can only publish applications to users, but you can assign applications to either users or to computers. The application is deployed in a different manner depending on which of these methods you use. Publishing an application doesn t actually install the application, but rather makes it available to users. For example, suppose that you were to publish Microsoft Office. Publishing is a

group policy setting, so it would not take effect until the next time that the user logs in. When the user does log in though, they will not initially notice anything different. However, if the user were to open the Control Panel and click on the Add / Remove Programs option, they will find that Microsoft Office is now on the list. A user can then choose to install Microsoft office on their machine. One thing to keep in mind is that regardless of which deployment method you use, Windows does not perform any sort of software metering. Therefore, it will be up to you to make sure that you have enough licenses for the software that you are installing. Assigning an application to a user works differently than publishing an application. Again, assigning an application is a group policy action, so the assignment won t take effect until the next time that the user logs in. When the user does log in, they will see that the new application has been added to the Start menu and / or to the desktop. Although a menu option or an icon for the application exists, the software hasn t actually been installed though. To avoid overwhelming the server containing the installation package, the software is not actually installed until the user attempts to use it for the first time. This is also where the self healing feature comes in. When ever a user attempts to use the application, Windows always does a quick check to make sure that the application hasn t been damaged. If files or registry settings are missing, they are automatically replaced. Assigning an application to a computer works similarly to assigning an application to a user. The main difference is that the assignment is linked to the computer rather than to the user, so it takes effect the next time that the computer is rebooted. Assigning an application to a computer also differs from user assignments in that the deployment process actually installs the application rather than just the application s icon. Deploying Applications Setting up the actual deployment is simple. The biggest thing that you must remember is that the MSI file and the corresponding package must exist within a network share, and everyone must have read permissions for that share. To perform the deployment, open the Group Policy Editor. To publish or assign an application to a user, navigate through the group policy console to User Configuration Software Settings Software Installation. Now, right click on the Software Installation container and select the New Package commands from the shortcut menu. Select the appropriate MSI file and click Open. You are now asked whether you want to publish or assign the application. Make your selection and click OK. The process for assigning an application to a computer is almost identical. The only real difference is that you would use the Software Settings Software Installation container beneath the Computer Configuration container rather than beneath the User Configuration container. Conclusion In this article, I have explained how you can deploy applications through a group policy setting. Keep in mind that group policy is hierarchical in nature though. This means that when you are setting up the deployment policy you will have to be careful to make sure that the policy applies to the appropriate users or computers.

How to extract the Phone Manager 3.2 MSI file Open the 3.2 User CD Open the pmp directory and run the pmpsetup.exe

The MSI file will be extracted You will then receive the following error Press OK Go to Start Menu and Search for files and folders Search the c:\ drive for phonemanager.msi

You should find the MSI located in C:\WINDOWS\Downloaded Installations\{0B5EF68A-22CD-453B-BFC9-B3EA37E23B4A} This is the file you reference when configuring your Assigning Software or Publishing Software paths in the steps below.

Please Note: I have only tested these procedures on Server 2003 SP1 (DC) and XP SPII client, in a controlled lab environment, I will not be held responsible for issues arising from editing the Default Domain Policy or any other GPO created. If you do not know what you are doing I suggest that you do not perform these procedures on a customer s network. You may wish to involve the IT administrator onsite to review this document and carry out procedures contained. Note: You have be warned Please see below references to Microsoft Knowledge base articles How to use Group Policy to remotely install software in Windows Server 2003 View products that this article applies to. Article ID : 816102 Last Review : October 12, 2005 Revision : 5.1 For a Microsoft Windows 2000 version of this article, see the following Knowledge Base article: 314934 (http://support.microsoft.com/kb/314934/) HOW TO: Use Group Policy to Remotely Install Software in Windows 2000 On This Page SUMMARY Create a Distribution Point Create a Group Policy Object Assign a Package Publish a Package Redeploy a Package Remove a Package Troubleshoot Published Packages Are Displayed on a Client Computer After You Use a Group Policy to Remove Them REFERENCES SUMMARY This step-by-step article describes how to use Group Policy to automatically distribute programs to client computers or users. You can use Group Policy to distribute computer programs by using the following methods: Assigning Software You can assign a program distribution to users or computers. If you assign the program to a user, it is installed when the user logs on to the computer. When the user first runs the program, the installation is finalized. If you assign the program to a computer, it is installed when the computer starts, and it is available to all users who log on to the computer. When a user first runs the program, the installation is finalized. Publishing Software You can publish a program distribution to users. When the user logs on to the computer, the published program is displayed in the Add or Remove Programs dialog box, and it can be installed from there. Note Windows Server 2003 Group Policy automated-program installation requires client computers that are running Microsoft Windows 2000 or later.

Create a Distribution Point To publish or assign a computer program, you must create a distribution point on the publishing server: 1. Log on to the server computer as an administrator. Create a shared network folder where you will put the Microsoft Windows Installer package 2. (.msi file) that you want to distribute. 3. Set permissions on the share to allow access to the distribution package. 4. Copy or install the package to the distribution point. For example, to distribute Microsoft Office XP, run the administrative installation (setup.exe /a) to copy the files to the distribution point. Create a Group Policy Object To create a Group Policy object (GPO) to use to distribute the software package: Start the Active Directory Users and Computers snap-in. To do this, click Start, point to 1. Administrative Tools, and then click Active Directory Users and Computers. 2. In the console tree, right-click your domain, and then click Properties. 3. Click the Group Policy tab, and then click New. Type a name for this new policy (for example, Office XP distribution), and then press 4. ENTER. 5. Click Properties, and then click the Security tab. 6. Click to clear the Apply Group Policy check box for the security groups that you want to prevent from having this policy applied. Click to select the Apply Group Policy check box for the groups that you want this policy 7. to apply to. 8. When you are finished, click OK. Assign a Package To assign a program to computers that are running Windows Server 2003, Windows 2000, or Microsoft Windows XP Professional, or to users who are logging on to one of these workstations: Start the Active Directory Users and Computers snap-in. To do this, click Start, point to 1. Administrative Tools, and then click Active Directory Users and Computers. 2. In the console tree, right-click your domain, and then click Properties. Click the Group Policy tab, select the group policy object that you want, and then click 3. Edit. 4. Under Computer Configuration, expand Software Settings. 5. Right-click Software installation, point to New, and then click Package. In the Open dialog box, type the full Universal Naming Convention (UNC) path of the shared installer package that you want. For example, \\file server\share\file name.msi. 6. Important Do not use the Browse button to access the location. Make sure that you use the UNC path to the shared installer package. 7. Click Open. Click Assigned, and then click OK. The package is listed in the right pane of the Group 8. Policy window. Close the Group Policy snap-in, click OK, and then quit the Active Directory Users and 9. Computers snap-in. When the client computer starts, the managed software package is automatically 10. installed.

Publish a Package To publish a package to computer users and make it available for installation from the Add or Remove Programs tool in Control Panel: Start the Active Directory Users and Computers snap-in. To do this, click Start, point to 1. Administrative Tools, and then click Active Directory Users and Computers. 2. In the console tree, right-click your domain, and then click Properties. Click the Group Policy tab, click the group policy object that you want, and then click 3. Edit. 4. Under User Configuration, expand Software Settings. 5. Right-click Software installation, point to New, and then click Package. 6. In the Open dialog box, type the full UNC path of the shared installer package that you want. For example, \\file server\share\file name.msi. Important Do not use the Browse button to access the location. Make sure that you use the UNC path to the shared installer package. 7. Click Open. 8. Click Publish, and then click OK. 9. The package is listed in the right pane of the Group Policy window. 10. 11. Close the Group Policy snap-in, click OK, and then quit the Active Directory Users and Computers snap-in. Test the package: Note Because there are several versions of Microsoft Windows, the following steps may be different on your computer. If they are, see your product documentation to complete these steps. Log on to a workstation that is running Windows 2000 Professional or Windows XP a. Professional by using an account that you published the package to. b. In Windows XP, click Start, and then click Control Panel. c. Double-click Add or Remove Programs, and then click Add New Programs. In the Add programs from your network list, click the program that you d. published, and then click Add. The program is installed. e. Click OK, and then click Close. Redeploy a Package In some cases you may want to redeploy a software package. For example, if you upgrade or modify the package. To redeploy a package: Start the Active Directory Users and Computers snap-in. To do this, click Start, point to 1. Administrative Tools, and then click Active Directory Users and Computers. 2. In the console tree, right-click your domain, and then click Properties. 3. Click the Group Policy tab, click the Group Policy object that you used to deploy the package, and then click Edit. Expand the Software Settings container that contains the software installation item that 4. you used to deploy the package. 5. Click the software installation container that contains the package. In the right pane of the Group Policy window, right-click the program, point to All Tasks, and then click Redeploy application. You will receive the following message: 6. Redeploying this application will reinstall the application everywhere it is already installed. Do you want to continue? 7. Click Yes. 8. Quit the Group Policy snap-in, click OK, and then quit the Active Directory Users and

Computers snap-in. Remove a Package To remove a published or assigned package: Start the Active Directory Users and Computers snap-in. To do this, click Start, point to 1. Administrative Tools, and then click Active Directory Users and Computers. 2. In the console tree, right-click your domain, and then click Properties. 3. Click the Group Policy tab, click the Group Policy object that you used to deploy the package, and then click Edit. Expand the Software Settings container that contains the software installation item that 4. you used to deploy the package. 5. Click the software installation container that contains the package. 6. In the right pane of the Group Policy window, right-click the program, point to All Tasks, and then click Remove. Do one of the following: Click Immediately uninstall the software from users and computers, and then 7. click OK. Click Allow users to continue to use the software but prevent new installations, and then click OK. 8. Quit the Group Policy snap-in, click OK, and then quit the Active Directory Users and Computers snap-in. Troubleshoot Published Packages Are Displayed on a Client Computer After You Use a Group Policy to Remove Them This situation can occur when a user has installed the program but has not used it. When the user first starts the published program, the installation is finalized. Group Policy then removes the program.

How to assign software to a specific group by using a Group Policy View products that this article applies to. Article ID : 302430 Last Review : August 25, 2005 Revision : 4.0 This article was previously published under Q302430 On This Page SUMMARY Assign a Program to a Group REFERENCES SUMMARY You can use group policies to assign or publish software to users or computers in a domain, and it is useful to be able to deploy software based on group membership. Group Policy Objects (GPOs) are normally applied only to members of organizational units (OUs)to which the GPO is linked. Because users cannot be located in several OUs at one time, it is necessary to be able to apply group policies outside of the boundaries of OUs. This article describes how to have your software deployment policy applied to users who are not in a respective OU. Assign a Program to a Group 2. 3. 4. 5. 6. 7. 8. 1. Create a folder to hold the MSI package on a network server. Share the folder with appropriate permissions to allow the users and computers to read and run these files, and then copy the MSI package files into this location. From a Windows 2000-based computer in the domain, log on as a domain administrator, and then start the Active Directory Users and Computers snap-in. NOTE: You can apply group policies to domains, sites, and OUs. From the Active Directory Users and Computers snap-in, click the container you want to have the GPO linked to. Right-click that container, click Properties, and then click the Group Policy tab. Create a new GPO for installing your MSI package, and give the new GPO a descriptive name. While the new GPO is selected, click Edit. This starts the Group Policy snap-in and lets you edit this GPO. Open and then right-click Software installation in the GPO, and then click New Package. You are prompted for the path to the Windows Installer file (.msi) for this package. View the network location that contains the Windows Installer file, click the file, and then click Open. WARNING: If the Windows Installer file resides on the local hard disk, do not use a local path, instead, use a UNC path (such as \\servername\sharename\path\filename.msi) back to the local computer to indicate the location of the installation files. Otherwise, client computers that try to install the package will look on their local hard disks in the location that was indicated, and will not find the installation files at that location, so the installation does not work. When you are prompted to choose between Assigned and Advanced Published or Assigned, click Assigned unless you have the experience and need to modify the

advanced options. You should now see the software package in the right pane of the Group Policy snap-in. From the Active Directory Users and Computers snap-in, click the container to which 9. you linked your GPO. Right-click that container, click Properties, and then click the Group Policy tab. 10. Click your GPO, and then click Properties. 11. Click the Security tab, and then remove Authenticated Users from the list. 12. 13. Click Add, select the security group which you plan to have this policy applied to add it to the list. Select your security group, and then give them READ and Apply Group Policy permissions. Changes to a GPO are not immediately imposed upon the target computers, but are applied in accordance with the currently valid group-policy refresh interval. You can use the Secedit.exe command-line tool to impose GPO settings upon a target workstation immediately. On XP this is GPUDATE

Assigned Example with Phone Manager 3.2 We were editing with the standard 2003 Default Domain Policy you can however create you own policy for Phone Manager

You will see above Phone Manager has been Assigned meaning that the application will be installed automatically when the user next logs in This is because we ticked the Install the application at logon option.

We also assigned domain users so these would be the users affected by the Assigned Application To Uninstall Phone Manager you would right click and select remove and then log the agent off and back on again. Depending on the Domain refresh time you may wish to use cmd / gpupdate to refresh the policy. When the user logs back on the application is uninstalled. If you wished to perform an upgrade of Phone Manager you can replace the existing MSI on the share with the updated version and then select redeploy application and this will force the reload on the users next time they log on.

Published Example See below an example where phone manager has been Published On the client machine you will see under Add remove programs and Add New Programs the option to install Phone Manager.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information