Updates and Patch Management with Group Policies

Previous page
Table of content
Next page
 < Day Day Up > 

Updates and Patch Management with Group Policies

One other advantage to group policies is the centralized deployment options available to distribute the Exchange 2003 Outlook client updates and patches. With Group Policy and the Microsoft MSI installation package format available with most updates, the Microsoft Outlook 2003 client installation software updates can be deployed from the centralized administrative distribution point to a predefined set of workstations configured in the GPO settings.

Deployment Options When Updating Exchange Clients

Using Group Policy, the Outlook client can be upgraded and patched using one of the three following deployment methods :

  • Assigned to Computers This method of installation uses the Outlook Installation package on the workstation and is available when the workstation is restarted. Using this option, all users have access to the Exchange client software after it is installed.

  • Assigned to Users When the installation package is assigned to users, Application Shortcuts are placed on the desktop of the user 's profile and on the Start menu. When these shortcuts are selected, the application installation will be completed.

    TIP

    When using the Assigned Application options for both users and computers only, when a package is uninstalled , Group Policy automatically reassigns the installation to the user or computer.


  • Publishing the Installation This is the most common method of deploying software updates to client systems. When a software package is published, the installation package is displayed in the Add/Remove Programs Group in the local desktop system control panel. Users can then initiate the installation by selecting the update.

Each method enables Exchange 2003 administrators to push MSI software update packages to the Outlook 2003 client from a central location or Administrative Installation Point, to the workstation or users on the network.

CAUTION

Do not assign the option to install updates to Users and Computers at the same time. Assigning both options can create conflict to how updates are installed and possibly corrupt the installation of the Outlook client when applying the update.


Deploying Client Updates

As with all aspects of Group Policy, the choices and configuration options of deployment updates are numerous . Regardless of which type of update package is being pushed , some basic best practices apply and can help make updates easier and less troublesome :

  • Software packages must be in the format of an MSI package. Any other format type than an MSI cannot be pushed using Group Policy. Using third-party applications can help the administrator create customized MSI packages to deploy any type of software as well as software with predefined installation choices.

  • Configure software pushes at the highest levels possible in the domain. If the push is going out to more than one group or organizational unit, the software update should be configured to be pushed at the domain level. If the software update is being pushed to only a few groups or one organizational unit, or if multiple update packages are being pushed, configure the push at the group or organizational unit level.

  • Configure software pushes to the Computers Configuration rather than the User Configuration. This way, if users log into multiple computer systems, updates are not applied more than once.

  • When pushing updates in multiple locations, use a technology such as Distributed File System (DFS) so software installations are installed from packages and sources close to the client being updated.

Pushing Client Updates

With the options available and a good understanding of the best practices for deploying software, the next step is to configure a GPO to push an update to the Outlook client. The steps in this scenario enable administrators to push a small update package to the Exchange 2003 Outlook client workstations on the domain.

Begin by downloading the update and creating a share on the folder where the update will be placed. Open the GPMC by selecting Start, All Programs, Administrative Tools, Group Policy Management. Then to create an Outlook Client software update Group Policy Object, follow these steps:

  1. Select the Default Domain Policy for your domain by selecting Forest, Domains, YourCompanydomain, Group Policy Objects.

  2. Select Default Domain Policy, click Action, and click Edit. This opens the Group Policy Editor to create the software push.

  3. Select Computer Configuration and select Software settings, Software Installation.

  4. From the Action menu, select New, Package.

  5. Navigate the Open dialog to the network share where the MSI was placed and select the MSI package being applied. Select Open to continue.

    TIP

    If prompted that the Group Policy Editor cannot verify the network location, ensure that the share created earlier in these steps has permissions allowing users access to the share. Select Yes to continue after confirmed.

  6. At the Deploy Software dialog box, select Advance and click OK to continue. Windows will verify the installation package; wait for the verification to complete before continuing to the next step.

  7. When the Package is visible in the right window of the software installation properties, highlight the install package and click Action, Properties.

  8. On the Package properties page, select the Deployment tab. Review the configuration, click Assign, and ensure that the Install this Package at Logon option is selected, as shown in Figure 29.7. Select OK when complete.

    Figure 29.7. Outlook Update properties.

    graphics/29fig07.jpg

The new package is ready to deploy; test the update by logging on to a workstation and verifying that the packaged has installed. If problems exist, redeploy the package by selecting the software update and clicking Action, All Tasks, Redeploy Application to force the deployment.

Determining the Success of a Push

Without additional management software, administrators cannot determine whether a software package was pushed successfully, because all evidence of software pushes are seen locally on the client machines. On the local machines, there are two areas to check to determine whether a software installation was successful:

  • Look for MSI Installer events that are written into the Application Event Logs.

  • On the local machine, view Add/Remove programs to see whether the Outlook update package is listed.

 < Day Day Up > 

Previous page
Table of content
Next page
Microsoft Exchange Server 2003 Unleashed
Microsoft Exchange Server 2003 Unleashed (2nd Edition)
ISBN: 0672328070
EAN: 2147483647
Year: 2003
Pages: 393
Authors: Rand Morimoto
BUY ON AMAZON
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
Introduction to 80x86 Assembly Language and Computer Architecture
An Introduction to Design Patterns in C++ with Qt 4
802.11 Wireless Networks: The Definitive Guide, Second Edition
Comparing, Designing, and Deploying VPNs
DNS & BIND Cookbook
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy