how to use Group Policy to automatically distribute programs to all VMs in the Domain ?

Publication Date:  2014-06-12 Views:  268 Downloads:  0
Issue Description
customer want to push an antivirus  from such server to all VMs in the domain.
Alarm Information
none
Handling Process
- This is step-by-step article describes how to use Group Policy to automatically distribute programs to client computers or user:

step 1 :   Create a distribution point ;
--------------------------------------------
To publish or assign a computer program, you must create a distribution point on the publishing server. To do this, follow these steps:

1.   Log on to the server as an administrator.
2.   Create a shared network folder where you will put the Microsoft Windows Installer package (.msi file) that you want to distribute.
3.   Set permissions on the share to allow access to the distribution package.
4.    Copy or install the package to the distribution point. For example, to distribute Microsoft Office XP, run the administrative installation (setup.exe /a) to copy the files to the distribution point.

step 2 :Create a Group Policy Object :
--------------------------------------------------

To create a Group Policy Object (GPO) to use to distribute the software package, follow these steps:Click here to show/hide solution

1.    Start the Active Directory Users and Computers snap-in. To do this, click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
2.     In the console tree, right-click your domain, and then click Properties.
3.     Click the Group Policy tab, and then click New.
4.     Type a name for this new policy (for example, Office XP distribution), and then press Enter.
5.     Click Properties, and then click the Security tab.
6.     Clear the Apply Group Policy check box for the security groups that you don't want this policy to apply to.
7.     Select the Apply Group Policy check box for the groups that you want this policy to apply to.
8.     When you are finished, click OK.

Step 3  Assign a package :
-------------------------------------

To assign a program to computers that are running Windows Server 2003, Windows 2000, or Windows XP Professional, or to users who are logging on to one of these workstations, follow these steps: 

1.         Start the Active Directory Users and Computers snap-in. To do this, click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
2.         In the console tree, right-click your domain, and then click Properties.
3.         Click the Group Policy tab, select the policy that you want, and then click Edit.
4.         Under Computer Configuration, expand Software Settings.
5.         Right-click Software installation, point to New, and then click Package.
6.         In the Open dialog box, type the full Universal Naming Convention (UNC) path of the shared installer package that you want. For example, \\file server\share\file name.msi.
Important Do not use the Browse button to access the location. Make sure that you use the UNC path of the shared installer package.
7.         Click Open.
8.         Click Assigned, and then click OK. The package is listed in the right-pane of the Group Policy window.
9.         Close the Group Policy snap-in, click OK, and then close the Active Directory Users and Computers snap-in.
10.      When the client computer starts, the managed software package is automatically installed.

 Step4  Publish a package :
--------------------------------------

To publish a package to computer users and make it available for installation from the Add or Remove Programs list in Control Panel, follow these steps: Click here to show/hide solution
1.         Start the Active Directory Users and Computers snap-in. To do this, click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
2.         In the console tree, right-click your domain, and then click Properties.
3.         Click the Group Policy tab, click the policy that you want, and then click Edit.
4.         Under User Configuration, expand Software Settings.
5.         Right-click Software installation, point to New, and then click Package.
6.         In the Open dialog box, type the full UNC path of the shared installer package that you want. For example, \\file server\share\file name.msi.
Important Do not use the Browse button to access the location. Make sure that you use the UNC path of the shared installer package.
7.         Click Open.
8.         Click Publish, and then click OK.
9.         The package is listed in the right-pane of the Group Policy window.
10.      Close the Group Policy snap-in, click OK, and then close the Active Directory Users and Computers snap-in.
11.      Test the package.






Root Cause
none
Suggestions
Note :
1- these steps for windows server 2008.
2-  difference between  Assigning Software and   Publishing Software :
      Assigning Software :You can assign a program distribution to users or computers. If you assign the program to a user, it is installed when the user logs on to the computer. When the user first runs the program, the installation is completed. If you assign the program to a computer, it is installed when the computer starts, and it is available to all users who log on to the computer. When a user first runs the program, the installation is completed.
      Publishing Software :You can publish a program distribution to users. When the user logs on to the computer, the published program is displayed in the Add or Remove Programs dialog box, and it can be installed from there.
3-   To deploy software through GPO, the installation file of the software shall be .MSI file. We cannot assign or publish software if the installation file is .EXE file. As a workaround, we can convert .EXE file to .MSI file so that it can be deployed. I suggest we check the this link for  Converting EXE to MSI for Deployment
: http://www.qwertylab.com/FreeTools.aspx
4- only Microsoft System Center Configuration Manager (SCCM) can deploy EXE files to all machines on the domain

Note :
--------
Note Because there are several versions of Microsoft Windows, the following steps may be different on your computer. If they are, see your product documentation to complete these steps.
a.         Log on to a workstation that is running Windows 2000 Professional or Windows XP Professional by using an account that you published the package to.
b.        In Windows XP, click Start, and then click Control Panel.
c.         Double-click Add or Remove Programs, and then click Add New Programs.
d.        In the Add programs from your network list, click the program that you published, and then click Add. The program is installed.
e.         Click OK, and then click Close.

END