1) In Active Directory in the Users OU at the domain level, create a new Universal Security Group. Call it something like “Visio Users” or “Publisher Users”.
2) On your file server, create a folder in the root of C: and give share and NTFS rights to the security group you created in step 1. This folder will be where the final installation files will reside. We’ll call this our “distribution point”. The security rights should look something like this:
3) Now, you will need to do an “administrative install” of your Office application onto the C: drive of the file server. However, you will not be able to run the administrative install from a network drive. (It won’t work.) So you’ll need to create another (temporary) folder in the C: root directory copy for all of the install files and folders. Call this temporary folder “C:\office2k3pro”.
4) Run the administrative install from your temporary install folder using the Run command with the /a parameter. It should look something like this:
5) When the install runs, in this window, make sure your Install Location is your distribution point that you created in step 2:
6) When the administrative installation is complete, be sure to delete your temporary folder “C:\office2k3pro”.
7) Create a Group Policy Object for the application and link it to the appropriate OU. A good naming convention is “[Application Name] [Functional Area]”:
8) For your new GPO, ensure that “Disable Computer Configuration settings” is checked off. It will look like this if you do not have Group Policy Management installed on your workstation:
9) Set security permissions and add the new security group with full control…it will look like this if you do not have Group Policy Management:
10) If you do have Group Policy Management, you will need to go to the “Security Filtering” section under the “Scope” tab to set the security permissions and add the security group:
11) Map a network drive to the C drive share (c$) on the file server.
12) Open up the GPO for editing. Go to User Configuration / Software Settings and right-click on Software installation. Select New / Package… just like so:
13) Browse to the install folder share you created with the administrative install files on the C: drive of the file server via the network drive you just mapped to in step 11.
14) Choose the Assigned deployment method (if you select Published, all users will be get the install):
15) When you finish configuring the software installation piece of the GPO, it should look like this:
16) Now, you can just add users to your security group in Active Directory that need the application and have them reboot!
17) The new application should show up in Start / All Programs / Microsoft Office.
18) Have user run the new application after they receive it; there may be some final pieces of the install that won’t happen until the first time the user runs the application.
Special thanks to Ernie Smith for collaborating on this tech tip.
No comments:
Post a Comment