1 / 26

MANAGING SOFTWARE

Chapter 9. MANAGING SOFTWARE. SOFTWARE LIFECYCLE. WINDOWS INSTALLER. Can be used with Group Policy in order to implement, maintain, and remove software Windows Installer service (client-side) Group Policy Software Installation Package (server-side). WINDOWS INSTALLER SERVICE.

hammer
Download Presentation

MANAGING SOFTWARE

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 9 MANAGING SOFTWARE

  2. Chapter 9: MANAGING SOFTWARE SOFTWARE LIFECYCLE

  3. Chapter 9: MANAGING SOFTWARE WINDOWS INSTALLER • Can be used with Group Policy in order to implement, maintain, and remove software • Windows Installer service (client-side) • Group Policy Software Installation Package (server-side)

  4. Chapter 9: MANAGING SOFTWARE WINDOWS INSTALLER SERVICE

  5. Chapter 9: MANAGING SOFTWARE SOFTWARE INSTALLATION PACKAGES • Obtain or create an .msi file for the application • Place that file in a network share • Determine if you want a computer-based or user-based installation • Configure and link a GPO with the appropriate settings • Software is deployed when users log on or when the computer restarts (depending on the package deployment option)

  6. Chapter 9: MANAGING SOFTWARE MICROSOFT INSTALLER (.MSI) FILES

  7. Chapter 9: MANAGING SOFTWARE DEPLOYING SOFTWARE

  8. Chapter 9: MANAGING SOFTWARE ASSIGNING SOFTWARE TO COMPUTERS

  9. Chapter 9: MANAGING SOFTWARE SOFTWARE INSTALLATION PROPERTIES

  10. Chapter 9: MANAGING SOFTWARE DEPLOYING SOFTWARE TO USERS

  11. Chapter 9: MANAGING SOFTWARE CREATING MICROSOFT TRANSFORM (.MST) FILES

  12. Chapter 9: MANAGING SOFTWARE DEPLOYING A TRANSFORMED SOFTWARE PACKAGE

  13. Chapter 9: MANAGING SOFTWARE REPACKAGING SOFTWARE • Allows you to create Windows Installer .msi files for distribution of applications that do not ship with such files • Produced by third party, non-Microsoft, companies • May be capable of converting existing installer packages to the Windows Installer format • May have to take before and after snapshots of system to create Windows Installer packages

  14. Chapter 9: MANAGING SOFTWARE USING .ZAP FILES • Used for older applications that do not have .msi files. • Can only be published to users, not assigned to computers or users. • Does not support rollback of an unsuccessful installation, modification, repair, or removal. • Need to be a local administrator in order to install the application. .zap files do not take advantage of elevated privileges.

  15. Chapter 9: MANAGING SOFTWARE REDEPLOYING PACKAGES

  16. Chapter 9: MANAGING SOFTWARE SOFTWARE RESTRICTION POLICIES • New in Windows Server 2003 • Provides methods to control the use of software applications through Group Policy • Can be used to restrict the use of any software

  17. Chapter 9: MANAGING SOFTWARE CONFIGURATION OPTIONS

  18. Chapter 9: MANAGING SOFTWARE SECURITY LEVELS

  19. Chapter 9: MANAGING SOFTWARE ADDITIONAL RULES—HASH RULE

  20. Chapter 9: MANAGING SOFTWARE ADDITIONAL RULES—CERTIFICATE RULES

  21. Chapter 9: MANAGING SOFTWARE ADDITIONAL RULES—INTERNET ZONE RULES

  22. Chapter 9: MANAGING SOFTWARE ADDITIONAL RULES—PATH RULES

  23. Chapter 9: MANAGING SOFTWARE PRIORITY ORDER FOR MULTIPLE RULES • Hash Rules • Certificate Rules • Internet Zone Rules • Path Rules

  24. Chapter 9: MANAGING SOFTWARE IMPLEMENTING SOFTWARE RESTRICTION POLICIES • Use in conjunction with standard access control methods. • Use the Disallowed By Default setting cautiously, because only approved applications run when it is enabled. • Reboot in Safe mode to troubleshoot client-specific issues with Software Restriction Policies. • Do not configure Software Restriction Policies on the Default Domain Policy. Instead, use a separate GPO so that you can easily remove them if necessary.

  25. Chapter 9: MANAGING SOFTWARE CHAPTER SUMMARY • GPOs can be used to deploy, maintain, and remove software. • Typical Windows Installer file types are .msi, .mst, and .msp. How are they used? • What are .zap files? What is a limitation of their deployment? • What software deployment option is available for computers? Users? • What are the four Software Restriction Policy additional rule types? What is their hierarchy of priority?

  26. Chapter 9: MANAGING SOFTWARE REVIEW • .msi (used when deploying applications), .mst (transforming and modifying msi files), and .msp (patching and repairing issues with .msi packaged applications). • .zap files are used for non-Windows Installer distributions. They can be published but not assigned. • Software can be assigned to computers. Software can be either assigned or published to users. • Software Restriction Policy additional rule types include Hash Rules, Certificate Rules, Internet Zone Rules, and Path Rules. These rules are listed in priority order. Hash rules have the highest priority.

More Related