Configure Software Deployment GPOs

The Group Policy Software Installation (GPSI) feature allows you to deploy software to multiple users. The software can be made available in two ways: One of the ways is that as soon as the software is deployed the users can access the software from any computer and the other way is to deploy the application to computers. The users logged in can use the applications. With the use of GPSI the applications can be deployed without the use of any technical support representative. The applications can be updated, maintained and deleted through the GPO as per the needs of the organization.

The applications can be deployed using Windows Installer Packages. These files are available with .msi extension. The .msi files contain explicit instructions regarding the installation and removal of the application. To update the applications the patch files called .msp files are used.

As mentioned above, the applications can be deployed in two ways, these ways are:

Deploying an Application through GPSI
To deploy

To deploy an application through GPSI, you need to:
  1. Create a First level OU called Applications and then create a Global security group under it called grp_Notepad using Active Directory Users and Computers snap-in, as shown in Figure 5-15. The users of only this group will be able to get the deployed application.
    Figure 5-15
  2. Ensure that you have the application available to you on your hard disk that you want to deploy. For testing purpose, you can download XML_Notepad application from the URL\downloads.
  3. Provide Read and Execute permission on the folder in which you have kept the installation package for the software to be installed to the grp_Notepad group.
  4. Open the Group Policy Management snap-in and then create a new group policy object called App_to_deploy_notepad.
  5. Right_click the App_to_deploy_notepad GPO and then select Edit from the menu that appears, as shown in Figure 5-16:
    Figure 5-16
  6. Expand the Software Settings node under the User Configuration node in the Group Policy Management Editor that appears, as shown in Figure 5-17
  7. Right_click the Software Installation node and then select New->Package
    Figure 5-17
  8. Provide the path of the software installation folder in the Name field of the Open dialog box that appears and click Open. In this example provide the path for the XML_Notepad that you have downloaded.
  9. Select Advanced in the Deploy Software dialog box that appears.The Properties window of the deployment package appears, as shown in Figure 5-18.
  10. Click Deployment tab and then select Assigned.
  11. Select Install this application at logon and then select Uninstall this application when it fails out of the scope of management options.
  12. Click OK and then close the Properties window and the Group Policy Management Editor window
    Figure 5-18
  13. Select the App_to_deploy_notepad GPO from the Group Policy Objects container in the Group Policy Management console, as shown in Figure.
  14. Click on the Scope tab and remove Authenticated users from the Security Filtering list.
  15. Add grp_Notepad group that you have created to the Security Filtering list, as shown in Figure 5-19:
    Figure 5-19

    The GPO is now ready to be implemented. It cannot function until it is linked to a domain. So you now need to link it to a domain

  16. Right-click the domain name and then select Link an Existing GPO option from the menu that appears, as shown in Figure 5-20:
    Figure 5-20
  17. Select the App_to_deploy_notepad GPO from the Select GPO dialog box that appears, as shown in Figure 5-21:
    Figure 5-21

    The linked GPO appears in the list of Linked Group Policy Objects for the domain as shown in Figure 5-22.

    Figure 5-22

    The software application is now assigned to the user of group grp_Notepad. As soon as the users of this group will logon to any of the computers in the domain the application will be installed when the users will try to use it.