1 / 41

Managing Microsoft & “ other software ” Through GPOs

Managing Microsoft & “ other software ” Through GPOs. Terry Sullivan, Shiloh CUSD #1. Presentation Slides. www.shiloh.k12.il.us/presentations Look in the ILTCE2008 folder. Disclaimer.

dwayne
Download Presentation

Managing Microsoft & “ other software ” Through GPOs

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Managing Microsoft & “other software”Through GPOs Terry Sullivan, Shiloh CUSD #1 Non-MS Software Installation

  2. Presentation Slides • www.shiloh.k12.il.us/presentations • Look in the ILTCE2008 folder Non-MS Software Installation

  3. Disclaimer • This session is intended for those using or planning to use Active Directory on Windows Server 2000 or 2003 with Windows 2000 Professional, Windows XP or Vista • The concepts discussed in this class do not directly pertain to earlier versions of Windows products or any non-Windows products • Most Installation “ideas” can be adapted to Samba or Novell networks Non-MS Software Installation

  4. Introduction • Active Directory • Group Policy Objects • Microsoft Installer (msi) • Network install points • Alternate ways to automate software deployment Non-MS Software Installation

  5. Installing Software • Traditional • Imaging • Group Policy Objects • Scripts • Creating or finding installation “Packages” Non-MS Software Installation

  6. Traditional Method • Requires manual intervention at each machine • Requires administrator rights • Poor control over install options • OK for small installs or “exceptions” • Poor for large-scale deployments Non-MS Software Installation

  7. Installing using imaging • Software can be deployed on software “images” using software such as Symantec Ghost • Install software using “traditional” method on “build” computer • Once all software is installed and tested for this configuration, run Sysprep • Follow manufacturer instructions for capturing the image and deploying to multiple systems Non-MS Software Installation

  8. Customizing Software Configuration • Manual per user • Install and create custom configuration in base “image” • Use custom command line switches to launch the program • Use GPO templates to push out configuration settings • Can create custom registry script to accomplish the same thing Non-MS Software Installation

  9. Using Centralized Management to install • Good way to deploy on large scale • Requires advance planning and testing • Tight control over install options • Does not require individual intervention at the workstation • Central Management Tools • Active Directory and GPOs • Requires .msi file • To work “easily” requires software optimized for GPO installs • OTHER Tools Non-MS Software Installation

  10. .msi Files • Microsoft installer • All recent MS software includes .msi installer files • Much 3rd party software uses .msi • Tools available to build .msi files for apps that do not include them Non-MS Software Installation

  11. Network install point • Installer and related files must be on a publicly accessible share • Needs to be a UNC share path • Most .msi files have “administrative” install option that allows installing to a network share for mass deployment Non-MS Software Installation

  12. Deploying Software through GPOs • Overview of process • Assigning vs. Publishing • Computer vs. User • Deployment Options • Transforms (.mst) Non-MS Software Installation

  13. Overview of process • Create or open Group Policy Object • Determine if software installation will be by user or computer • Locate .msi package • Determine deployment method • Published (User only) • Assigned • Advanced (use for additional options) • Modify properties, security, etc. Non-MS Software Installation

  14. Deployment Methods • Assign • Publish • Advanced • Choose to Assign or Publish • Set other options • Only way to specify transform (.mst) files Non-MS Software Installation

  15. Assign vs. Publish • Assign • Automatically installs the software • Publish • software can be made available, but not installed • Not available for machine-based configuration Non-MS Software Installation

  16. Computer vs User • Computer can only use “Assign” option • Software deployed based on Computer is installed upon computer boot • Software deployed based on User is installed upon user login Non-MS Software Installation

  17. Transforms (.mst) • Used to apply customization • Different .mst files can be applied in different policies • Multiple transforms can be applied Non-MS Software Installation

  18. Removing software • Right-click on package and select Remove • Option to remove immediately will remove software the next time the machine updates its policies • Option to remove package, but leave software installed • If option is checked to remove when app falls out of mgmt • Software will be removed when Policy is no longer linked • Software will be removed if machine is removed from OU where it is applied Non-MS Software Installation

  19. Installing through scripts • Software that includes an automated installer, but not a .msi file may be able to be installed using a startup or login script • Script should check if software is already installed to prevent unnecessary processing • Since scripts execute before user intervention is allowed, the installer must be fully automated • Looking for “SILENT INSTALL” option • Possibly use install files (.inf or .ini for example) • Possibly use command line switches • Can still use GPO to deploy by including script in Startup/Shutdown/Logon/Logoff policy settings Non-MS Software Installation

  20. Silent Install • No User Intervention • Need some way to answer all the normal user/dialog screens • Answer file or Transform (mst) • Some software has a silent switch • Application.exe /s • Also look for a passive switch • Best if avoid “reboot” (check for switch) • MSI Packages • Use “MSIEXEC.EXE” to install • Look at command line switches to modify msiexec Non-MS Software Installation

  21. Common Silent Switches options in install packages* • setup.exe /q • setup.exe /qn • setup.exe /silent • setup.exe /s • setup.exe /NoUserInput • setup.exe /unattended • setup.exe /CreateAnswerFile • setup.exe /quiet *Mileage may vary  Non-MS Software Installation

  22. Options • Standard MS Package designed for Network silent install • Find a custom “installer package” created for the purpose of automating network installs • Roll your own network install package • Script a silent install and use startup/logon scripts to deploy • Manually install from, but from a central location Non-MS Software Installation

  23. Example - MS Office 2003 • Easy and specifically designed for rollout via AD • MS supplies the ORK tool to create custom versions • Create Network Install Point • Create Custom Configuration • Create software install GPO Non-MS Software Installation

  24. Example - FireFox 2.0.12 • Grab Front Motion MSI package and “adm” templates • http://www.frontmotion.com/Firefox/ • Expand & copy to an Admin Install Point • Use GPO – software install to deploy • Use “adm” template and GPO to configure Non-MS Software Installation

  25. OLD - not current FireFox - alternative • Use the WetDog utilites • http://wetdog.sourceforge.net/ • Needs support tools • Still only ver 0.9 Non-MS Software Installation

  26. Creating .msi files(roll your own) • WinINSTALL LE • Included with Windows 2000 & Initial 2003 • DISCOZ.EXE is used to build .msi • MakeMSI • Freeware tool • http://dennisbareis.com • Epsilon Squared • Freeware tool • http://www.epsilonsquared.com/ Non-MS Software Installation

  27. Software Install MakersCreates “appname.exe” • My Inno Setup (Jordan Russell’s Software) • http://isx.wintax.nl/ • Advanced Installer 3.8.1 (Caphyon) • http://www.advancedinstaller.com/ • OnDemand Software $$ • Winstall & Winstall LE – 2003 • http://www.ondemandsoftware.com/PurchaseLE.asp Non-MS Software Installation

  28. Demonstration – Create and MSI file • Requires “clean” system to start • Software takes a before “snapshot • Installation proceeds as typical • Software takes an after “snapshot” • All changes are recorded and stored in the .msi package • TO USE – apply the newly created .msi file to another machines and all the recorded changes are applied to the target system Non-MS Software Installation

  29. Example – IrfanView 4.00 • Roll your own Package • Copy to Network Install Point • Use GPO – Software Install Non-MS Software Installation

  30. Example OpenOffice 2.3.0 • OpenOffice.org • Grap package and expand • Point to MSI installer and script “msiexec.exe” • call msiexec /qb! /i \\Srv2k3testapp\Installers\OpenOff2\OOffice2.3InstallFiles\openofficeorg23.msi ALLUSERS=1 SELECT_WORD=0 SELECT_EXCEL=0 SELECT_POWERPOINT=0 • Run script from a ComputerOU – Startup Script Non-MS Software Installation

  31. Same Script but this is a VB Version for comparison • Dim WshShell • Set WshShell = WScript.CreateObject("WScript.Shell") • WshShell.Run ("msiexec /qb! /i msiexec /qb! /i \\Srv2k3testapp\Installers\OpenOff2\OOffice2.3InstallFiles\openofficeorg23.msi ALLUSERS=1 SELECT_WORD=0 SELECT_EXCEL=0 SELECT_POWERPOINT=0", 3, true) • WScript.Quit() Non-MS Software Installation

  32. ISSUE: GPO processing • Computer Configuration --> Administrative Templates --> System --> Logon -->Always wait for the network at computer startup and logon--> Enable Non-MS Software Installation

  33. Example – PhotoStory 3 • Grab the installer from Microsoft • It is an “MSI” package but not intended for scripted install • Point to MSI installer and script “msiexec.exe” • Script it: • call msiexec /i \\Srv2k3testapp\Installers\PhotoStory3\PStory.msi /quiet /passive /norestart Non-MS Software Installation

  34. Java 6.4 Runtime • Download the FULL installer • Use the “/s” silent install switch • \\Srv2k3testapp\Installers\JAVA\jre-6u4-windows-i586-p.exe /s • Call with a script via GPO – Computer Startup Scripts Non-MS Software Installation

  35. ITALC - Windows • Automated installation • You can also automate iTALC-installation (especially useful for installing a lot of clients). This is done by making a reference-installation on a client and check the option "Save installation-settings" at the end of installation. Then a file called installsettings.xml will be created in the directory which setup.exe is located in. This file can be used for installing other clients by passing the file name as a parameter the next time, e.g. • setup installsettings.xml • http://italc.sourceforge.net/wiki/index.php?title=Installation Non-MS Software Installation

  36. Plan B: Manual but from central location • Use the MSTools now owned by Microsoft • Run as a command remotely using PSEXEC • PSEXEC.exe @computerlist.csv –high -s -dmsiexec /i \\Srv2k3testapp\Installers\PhotoStory3\PStory.msi /quiet /passive /norestart Non-MS Software Installation

  37. Adding ADM templates • Find the ADM package • Copy to Server • %systemdrive%\windows\inf • Open GPMC policy editor and ADD ADM --------------------------------------------------------- • Advanced Course – can create custom adm template files Non-MS Software Installation

  38. Office 2007 Compatibility Pack • Download the Compatibility Pack Utility for Office XP-2003 • Expand with the command line to get the MSI file: • compatibilitypacksp1-kb940289-fullfile-en-us.exe/extract:path_to_package • Place the package in a UNC Share • Assign the package to install via GPO Non-MS Software Installation

  39. SMARTBoard Software • To perform a default installation from a command line • 1. Click Start > Run and type CMD. • A DOS window opens. • 2. Type the following command line: • msiexec /i"Path to the .msi\SMART Board Software.msi" • 3. Press Enter. • NOTE: The SMART Board Software.msi file is located in the Windows\SMART Board • Software\setup folder on the SMART Board software CD. If desired, you can copy the entire contents of the CD to any accessible network server and run the command from that location. • Installation Options • You can use standard Windows Installer options and the following optional command line properties to customize the installation. Non-MS Software Installation

  40. Resources/Ideas • OpenOffice-Enterprise • http://openofficetechnology.com • Sites with ideas and package managers • http://www.appdeploy.com/ • http://wpkg.org/ • http://intelliem.editme.com/depappswitches Non-MS Software Installation

  41. Q&A Terry Sullivan tsulliva@comwares.net Non-MS Software Installation

More Related