Skip to main content

Deploy Software via Group Policy (GPO)

Introduction

Deploy Software via Group Policy (GPO) is a method used in Windows Active Directory (AD) environments to automatically install, update, or remove software on computers or for users centrally and silently, without manual installation on each machine. It’s mainly handled by Group Policy Objects (GPOs) through Microsoft Installer (MSI) packages.

Open the Windows Server Device:

  • Open Server Manager click Tools on the upper right side and choose the Active Directory Users and Computers.

image.png

  • On the Active Directory Users and Computers right click the Users folder select New and Group.

image.png

After you clicked the Computer, New Object - Computer window displayed.

  • Input your desired Computer Name: TSR-Deployment
  • Group scope: Global
  • Group type: Security

Click "OK" once done and you will see the TSR-Deployment added on the Active Directory Users and Computers.

image.png

image.png

  • Next Process double click the TSR-Deployment on the Active Directory Users and Computers, TSR-Deployment Properties will appear and click the Members tab.

image.png

  • Click Add, then select Object Types. Once it opens, check the Computers.

image.png

image.png

  • Type the computer name that is connected to the domain. Then, click Check Names and select only the Computer icon that corresponds to your device.

    image.png

Creating a UNC Path for Software Folders (Windows Server)

To ensure domain-joined computers can access the AQUILA EDR ZIP file package and folder for centralizing logs, create a shared network folder and configure appropriate permissions.

  1. On a Document folder, create another folder inside of it with your desired name (e.g., software).
    • Inside of the software folder, place the aquila agent 7.msi into this folder.

      image.png


      image.png


  2. Enable Folder Sharing
    • Right-click the software folder and select Properties.
    • Navigate to the Sharing tab and click Advanced Sharing.

      image.png


    • Check the box Share this folder.

      image.png

  3. Set Permissions
    • Click Permissions

    • Grant the Read permission to Domain Computers.

    • Grant the Full Control permission to Domain Admins

      image.png
    • Once the Permission clicked, Permissions for software will be shown.

      image.png

       


    • Remove the Everyone.

      image.png

    • After clicking the Remove, click the Add, the Select Users, Computers, Service Accounts, or Group will be shown. Type "auth" then click Check Names. the Multiple Names Found will be shown and select the Authenticated Users and click OK.

      image.png


      image.png


  4. Open the shared folder on the User domain logged in.
    • Use windows + R or search run on the windows search

      image.png

    • Type the Shared Folder path, e.g. (\\ServerPath)
      • Open the specified folder where the software are inputtedimage.png

        image.png

 

 

 

 

 

 

Back to top