Use group policies to deploy Windows XP SP2

Source: Internet
Author: User

Source: MSDN
Introduction
If you manage your computer in the Active Directory service environment, you can use the "software installation and maintenance" feature of "Group Policy" to deploy Microsoft? Windows XP Service Pack 2 (SP2 ). This article describes how to use "Windows Installer" and "Group Policy" on Microsoft Windows 2000 Server or Microsoft Windows Server? 2003 install SP2 on the target computer in the Active Directory domain.

For customers who have not used Enterprise Update Management solutions (such as Systems Management Server (SMS) 2003 or Software Update Services (SUS, we recommend that you use "Group Policy" to manage Windows XP SP2 deployment in real time.

When you use a group policy distributor, you can assign programs to multiple computers. The program will be installed when the computer starts, and all users who log on to the computer can use this program. For more information about "Group Policy", see group policy infrastructure.

This document assumes that you have used the Group Policy Management Console (GPMC ). To download GPMC, see the Group Policy Management Console with Service Pack 1.

 
Obtain Windows XP SP2
To get Windows XP SP2, see the Windows XP Service Pack 2 network installation package for IT professionals and developers. Users can download the SP2 file, named WindowsXP-KB835935-SP2-ENU.exe, from this page. For more information about CD subscription, see Windows XP Service Pack 2 resources for IT professionals.

After the WindowsXP-KB835935-SP2-ENU.exe is downloaded, use the following command line to extract the file:

WindowsXP-KB835935-SP2-ENU.exe/x <path>, where "<path>" is the target directory used to store the extracted file.

Using group policy to deploy SP2 is implemented through the Microsoft Windows Installation Package (named Update. msi) of SP2. This file is located in the following folder and is also the destination location for extracting the file: i1_update.

Use group policies to assign service packages
1.
Create a distribution point.
 
2.
Create a group policy object (GPO) for SP2 deployment ).
 
3.
Deploy SP2 Update. msi from the shared distribution folder for the specified computer. Do not deploy according to user deployment.
 
4.
You can deploy SP2 to a specific security group as needed.
 

The target computer (that is, the computer on which the service package is to be received) must be added to the domain of the server containing the "Windows Installer" (. msi) file. After you assign a package, when a user connected to this network starts the computer next time, the "Windows Installer" will automatically install the service package. We recommend that you check the properties of each computer to ensure that the target computer has been updated. You may need to restart the computer multiple times to complete the update.

Only a network administrator or a person logging on to a local computer as an administrator can remove the allocated software (SP2) from the target computer ).

The process described in this section is described in detail below.

 
Create a distribution point
To publish or assign software, you must create a distribution point on the server.

Create a distribution point
1.
Log on to the server as an administrator.
 
2.
Create a shared network folder for the Microsoft Windows installation package to be distributed. This folder is the distribution point of the software package.
 
3.
Set the permission of the shared network folder to allow access to the distribution package. Grant access permissions to administrators, Authenticated Users, and domain users.
 
4.
Configure the DFS for the distribution point ). We recommend that you perform this operation because it ensures uninterrupted availability of the distribution point when replacing the server to provide higher flexibility. In addition, DFS can easily place distribution sites on multiple sites. For more information about DFS, see designing DFS namespaces.
 

 
Create GPO for SP2 deployment
You can create a GPO and link it to all the Active Directory containers (such as sites, domains, or organizational units) that contain the target computer where SP2 is to be deployed ). In the following procedure, we will guide you how to use a domain as a container. You may need to link GPO to another container for your specific environment. You can even link it to any Active Directory container. In addition, if you only want to deploy SP2, You can edit the existing GPO without creating a new GPO, however, we recommend that you do not edit "Default Domain Policy" or "default domain controller policy ".

Create GPO for SP2 deployment
1.
On the management workstation, open the Group Policy Management Console (GPMC ).
 
2.
In the console tree, right-click the domain name in the forest where you want to create and link the "Group Policy" Object (GPO.
 
3.
Click here to create and link GPO.
 
4.
In the create GPO dialog box, specify a name for the new GPO, and click OK.
 

 
Edit GPO for SP2 deployment
You can now modify GPO by using the "software installation and maintenance" function of "group policy. Note that "Group Policy" only supports deploying SP2 to a computer, not a user. To deploy SP2, you must use the "Computer Configuration" node in the "Group Policy object Editor.

Edit GPO for SP2 deployment
1.
Right-click the new GPO and click Edit.
 
2.
In the Group Policy object Editor, click computer configuration, click Software settings, and then click software installation.
 
3.
In the Action menu, point to new, and then click the package.
 
4.
In the file name in the open dialog box, type the complete path of the Universal Naming Convention (UNC) of the shared installation package to be distributed. Enter the path \ ServerNameSharedFolderUpdate. msi or \ ServerIPSharedFolderUpdate. msi in the following format. Make sure that the UNC path of the shared installation package is used.
 
5.
Select "Windows installation package" and click open.
 
6.
In the deploy Software Dialog Box, click allocated, and then click OK. The selected shared installation package appears in the right pane of the Group Policy object editor.
 

Note:
ServerName and ServerIP are the server name or placeholder IP address of the computer where the shared folder is located. SharedFolder is a placeholder for shared folders on the server computer.

 
Deploy SP2 to a specific security group
For testing purposes, you may initially only want to deploy SP2 on a limited number of computers, rather than all computers in a given domain or OU. If you only want to deploy SP2 on a computer that is a member of a specified security group, you can use the security filtering feature in group policy to complete this operation.

Use the security filter function to locate SP2
1.
In GPMC, double-click the Group Policy object.
 
2.
Click the GPO for which you want to filter applications.
 
3.
On the Range Tab Of The result pane, click Add.
 
4.
In the name of the object to be selected, type the name of the group, user, or computer to be added to the security filter, and then click OK.
 
5.
If the authenticated user is displayed in the security filtering section of the Range tab, select this group and click Remove. This operation ensures that only the added group members can receive the GPO settings.
 

Note:
The settings in GPO are only applied to users and computers in the domain or organization that is linked to it, in addition, these users and computers must be specified in "Security filtering" or belong to the members of the group specified in "Security filtering. You can specify multiple users or computers for a single GPO in the security filter.

 
Related links:

Install and deploy Microsoft Windows XP Service Pack 2

Use group policies to manage Windows XP Service Pack 2

Windows XP Service Pack 2 resources for IT professionals

Deploy a simple hosting environment

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.