[Samba] Software installation by GPO ( success and fail )
L.P.H. van Belle
belle at bazuin.nl
Wed Oct 15 04:52:16 MDT 2014
Great, thank you for this info, going to check this.
and yes, i've seen wapt, thats the next im going to try.
Greetz,
Louis
>-----Oorspronkelijk bericht-----
>Van: Denis Cardon [mailto:denis.cardon at tranquil-it-systems.fr]
>Verzonden: woensdag 15 oktober 2014 12:21
>Aan: L.P.H. van Belle; samba at lists.samba.org
>Onderwerp: Re: [Samba] Software installation by GPO ( success
>and fail )
>
>Hi Louis,
>
>> Hai, In a bit testing with software deployment through GPO.
>>
>> Now i noticed te following. If i setup my software source
>somewhere on the sysvol share ( and probely any other share on the DC)
>> then i can deploy the software with computer and user GPO
>setting. Aka works ok good all settings with software deployment.
>>
>> Now i noticed the following.
>> I did setup a share on a member server the AD Domain, i did
>setup the same rights as the sysvol share used.
>> Now deployment with GPO does not work any more.
>> Not as user policy or computer policy works if i want to
>install before logon or after login.
>> The message in event logs:
>> ( translated ) failed to install the error is %%1612 error
>1612 tels me unable to access the source.
>>
>> ( aka looks like the machine is unable to get to the
>software. ) But im 100% sure the computer can access this,
>> why does it work on sysvol and not on a member server with
>exact the same rights on share, folder and files.
>>
>> So im wonders who is installing software through GPO objects
>as machine/user policy from a member server.
>> And where it works, because i cant find where this is going wrong.
>
>The computer gpo use the machine account to connect to the share. You
>can try to simulate a connexion through localsystem account
>using psexec
>[1] with the following command [2] :
> psexec -i -s cmd.exe
>
>a new cmd.exe windows will open running as localsystem account
>and then
>you can try to connect to the share where your software setup
>files are
>located
> net use f: \\myserver\myshare
>
>However IMHO, group policies are not a proper solution for software
>deployment (and MS would also advise you to use SCCM for that
>purpose).
>We developped an opensource solution for that purpose similar
>to apt-get
>[3]. Don't hesitates to ask me if you have any questions.
>
>Cheers,
>
>Denis
>
>
>[1] http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
>[2]
>http://verbalprocessor.com/2007/12/05/running-a-cmd-prompt-as-l
>ocal-system/
>[3] http://dev.tranquil.it/wiki/WAPT
>
>>
>> Thanks Louis
>>
>>
>>
>
>
>--
>Denis Cardon
>Tranquil IT Systems
>Les Espaces Jules Verne, bâtiment A
>12 avenue Jules Verne
>44230 Saint Sébastien sur Loire
>tel : +33 (0) 2.40.97.57.55
>http://www.tranquil-it-systems.fr
>
>
More information about the samba
mailing list