Maybe instead of calling the installation executable directly from the GPO, call a script which runs and checks for the correct version of the software then if not correct running the installer?
I had come across this method when searching the Internet.
Typically if it's an MSI it will apply the once and that's it. You do have the option to re-deploy to all that already have it if you so wish.
It's a good way to deploy programs to be fair although some programs you may find won't install because of language settings.
I thought it would only be applied once.
From my understanding on boot the GPO will list present GUID's and if any one is missing it will then look to install said application.
How big is the company you are working for? If it is a small organisation scripting can be the best way to distribute software, I recommend PSEXEC for this purpose.
If you're medium to large you'll want a more manageable solution; there are plenty of remote management tools out there that fit your purpose; Certero, GFI MAX, Microsoft Intune etc
Managed AV solutions often come with software distribution such as Kaspersky, what AV are you using?
It's a small organisation, only around 60 computers, but obviously I don't fancy going round each one just to install/update Flash etc.
We use Sophos anti virus at the moment and that has been installed on each computer in turn.
Hiya,
I've been using GPOs to deploy software for about 6 months, the usual suspects such as Java, Adobe Reader, Flash included.
Anything that comes packaged in an MSI can easily be deployed by GPO. And the software is only deployed on the PC once. You have some options advanced with the GPO, like uninstalling the software when the PC is moved out of scope (N.B moved somewhere else in active directory where the GPO no longer applies). You can also set the GPO up so it will install the MSI irrespective of any language conflicts, however I've not yet had to do anything like that.
If it's a smallish network (<100 users) it's probably not worth spending additional $$$ on tools to help you handle deployments.
Other non-MSI installers can sometimes be wrapped in an MSI or might even, when expanded, contain an MSI. The Windows Installer Wrapper Wizard is a useful tool for wrapping .EXEs.
It can take a bit of trial and error to get right. I've found machines hadn't really been maintained with current versions of software and my GPOs to upgrade applications sometimes conflicted with user pre-installed versions. It's taken a few iterations of updates to ensure things are in a known state when an update starts. (Unfortunately some of our userbase has a solid case for having administrative rights over their machines).
I would suggest using a test PC (could be a VM) in it's own org unit to test your new/updated GPOs before rolling them out company wide.
Yeah, I was thinking about this the other day. I don't know what version of Flash and Java etc the computers are running, unless I go round and check.
I had set up an old laptop as a test computer before I started putting it out to user computers.
If it's a pure Microsoft network I would handle things like;
(Through GPO's)
Test first on a dummy machine then boot all the systems up manually or use WOL depends on how many systems you talking about here.
... Do an un-install first then an install ...
> Adobe Acrobat Reader
> Adobe Flash
> Adobe Shockwave
> Microsoft Silverlight
> Java
Got any tips for un-installing old versions?
I'm fairly sure Flash updates the current installed version to the latest, but Java installs itself again and leaves the old one installed too. I don't fancy going round un-installing it on each computer.
Also, like I said above, I don't know exactly what version of Java for example each computer is running.
Thank you all for your help.
