Deploy Software via Group Policy (GPO)

Introduction

Deploy Software via Group Policy (GPO) is a method used in Windows Active Directory (AD) environments to automatically install, update, or remove software on computers or for users centrally and silently, without manual installation on each machine. It’s mainly handled by Group Policy Objects (GPOs) through Microsoft Installer (MSI) packages.

Open the Windows Server Device:

• Open Server Manager click Tools on the upper right side and choose the Active Directory Users and Computers.

• On the Active Directory Users and Computers right click the Users folder select New and Computer.Group.

After you clicked the Computer, New Object - Computer window displayed.

• Input your desired Computer Name: TSR-Deployment
• Group scope: Global
  
• Group type: Security

Click "OK" once done and you will see the TSR-Deployment added on the Active Directory Users and Computers.

• Next Process double click the TSR-Deployment on the Active Directory UsesUsers and Computers, TSR-Deployment Properties will appear and click the Members tab.

• Click the "Add", button,then select the "Object Types". onceOnce it opensopens, check the  ComputerComputers.

• Type yourthe computer name that is connected to the domain,domain. after thatThen, click the Check Names and chooseselect only the "Computer" icon whichthat iscorresponds to your computer device.
  
  

  

Creating a UNC Path for Software Folders (Windows Server)

To ensure domain-joined computers can access the AQUILA EDR ZIP file package and folder for centralizing logs, create a shared network folder and configure appropriate permissions.

1. On a Document folder, create another folder inside of it with your desired name (e.g., software).
   
   • Inside of the software folder, place the aquila agent 7.msi into this folder.
     
     

     

     
     

     

     
     
2. Enable Folder Sharing
   • Right-click the software folder and select Properties.
   • Navigate to the Sharing tab and click Advanced Sharing.

     

     
     
   • Check the box Share this folder.

     

3. Set Permissions
   • Click Permissions

   • Grant the Read permission to Domain Computers.

   • Grant the Full Control permission to Domain Admins

     
   • Once the Permission clicked, Permissions for software will be shown.
     

     

      

     
     
   • Remove the Everyone.
     

     

   • After clicking the Remove, click the Add, the Select Users, Computers, Service Accounts, or Group will be shown. Type "auth" then click Check Names. the Multiple Names Found will be shown and select the Authenticated Users and click OK.

     

     
     

     

     
     
4. Open the shared folder on the User domain logged in.
   • Use windows + R or search run on the windows search

     

   • Type the Shared Folder path, e.g. (\\ServerPath)
     • Open the specified folder where the software are inputted