/build/static/layout/Breadcrumb_cap_w.png

Deploying software upgrades best way?

Hello,

Excuse my ignorence but what is the best way to install a newer version of a program using Group Policy? For example, we have already deployed Adobe Flash Player 9 Active X and now I have version 10 that I want to deploy. Do I just create a new group policy and remove the old one? I ask because I notice there is an Upgrades tab when you create a new Group Policy Software Installation and you have the option to Add "Packages that this package will upgrade". I've never used this option so not sure if I should be.

Hope you can help.

Cellardoor.

0 Comments   [ + ] Show comments

Answers (4)

Posted by: revizor 16 years ago
Third Degree Blue Belt
0
Creating new policies hurts performance a bit. Just add the new version into the same policy, make sure it's set to update (replace), and off you go.
When comfortable, you can delete the old version out of the policy...
Posted by: cellardoor 16 years ago
Senior Yellow Belt
0
Cheers revizor. This raises another question though. I've already got a group policy for flash player 9 deployed to about 3000 computers. Say I choose to add flash player 10 to this like you've suggested and despite my testing there is a problem and its hanging on 50% of the computers. That's a lot of computers with problems.

I guess what I'm saying is despite all the testing in the world I wouldn't want to deploy any app or update to everyone at once. How do you handle this? I'm aware you can use security groups etc but if I suddenly change the permissions on my existing GPO to only apply to one office, will this affect the rest of the offices that still have only version 9 installed deployed through the original GPO?

This wasn't a problem when I installed v9 first time around because I linked the GPO to the office when I was ready. I spose I could go around disabling or unlinking the offices but again I don't know what affect that would have on the ones that already had this software deployed.

Cheers for your help matey!
Posted by: anonymous_9363 16 years ago
Red Belt
0
How do you handle this? Having been at sites which used both, I'd say the 'New policy' route is the most flexible. It allows you to trickle-feed your updates to a restricted audience and gauge its efficacy without endangering the entire OU. Sure it takes longer because the old version has to be removed first but how often do such updates occur? Your users are already all too familiar with the delay while software gets installed by GP so what's another few minutes?
Posted by: revizor 16 years ago
Third Degree Blue Belt
0
You can apply ACLs to entire GPOs, as well as to the individual packages, meaning you can stage roll-out of a package by configuring ACLs on the given assigned package to only be available to members of a certain group. Bear in mind that the policy ACL is processed first, and those objects that see into the GPO then process package ACL (standard share and NTFS permissions do apply afterwards, but I do not recommend filtering through file system or share permissions, as it will generate unnecessary errors in the application log for the computers/users).
I would, in your case, add upgrade for Flash into an existing policy and go into package properties > Security, and do editting of permissions there, making the new package available to the roll-out group only. You have the flexibility of populating the group gradually, and once you hit everyone, you can "flip" the ACL to "Domain Computers", or whatever you intended target audience would be...
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ