Add to collection(s) Add to saved
  1. Social Science
  2. Psychology
  3. Conformity

Engineer training

advertisement 
PC Power Down
MSI Deployment Guide
PC Power Down - MSI Deployment Guide
1. Introduction
1.1. Outline
The client software for PC Power Down can be pushed out across a network, saving the effort of individually
visiting each computer to install the software.
This technique uses a Microsoft Installer (MSI) file that is pushed out using Microsoft's Active Directory (AD) and
Group Policy Object (GPO).
The intended audience for this document are network administrators who are tasked with deploying PC Power
Down across an organisation using an MSI.
2. Install parameters
2.1. Introduction
The MSI installs at boot up before the user has logged in. This is done silently in the background without the
need for user interaction.
There are three parameters used during installation, the installation directory; IP address of the server and port
number. These values can be customised by using an MST, as explained in section 3. However for the majority of
cases we recommend using the defaults, as specified in section 2.2.
2.2. Default Parameters
2.2.1. IP address
This address is used to specify the location of the PC Power Down Server. Enabling the client to retrieve its
power down schedule and report its status.
This value will default to "pcpserver". Please add a DNS record to map this name to the IP address of your
server.
2.2.2. installation directory
The installation directory will default to [Common App Data]\PC Power Down\Network Client .
Windows XP will install this to
" C:\Documents and Settings\All Users\Application Data\PC Power Down\Network Client\".
Windows Vista or Win7 will install this to
"C:\Program Data\PC Power Down\Network Client\".
If your network has a mixture of XP and Vista/Windows 7 then 2 deployments with different MSI's are
required.
It is worth noting that the standard exe will automatically resolve the installation directory.
2.2.3. The port number
This defaults to 4455. Please ensure any firewalls are configured to allow TCP on the specified port.
Page|2
PC Power Down - MSI Deployment Guide
3. Microsoft Transform File (Advanced install)
3.1. Introduction
Microsoft Transform (MST) allows you to customise the parameters specified in section 2.2. However this is only
for advanced installs, as for the majority of cases the default settings are fine.
Please be careful in specifying a different installation directory as Microsoft have tightened security under Vista
and Windows 7. Therefore the usual directory of Program Files will not have enough privileges by default.
3.2. Creation
3.2.1. Requirements
Please download and install the Software Development Kit for Windows. This package includes Orca.exe
which allows the internal database of an MSI to be transformed.
3.2.2. Guide
Right click the MSI and select "Edit with Orca"
Figure 1 - Opening with Orca
From the top menu select Transform > New Transform
Figure 2 - New Transform
Select the table "CustomAction" from the list on the left hand side.
Figure 3 - Custom action table
Page|3
PC Power Down - MSI Deployment Guide
There are two rows that may require editing. The first is the target directory, for Vista and Windows 7
installations we recommend "C:\Program Data\PC Power Down\Network Client\".
The second row contains the server IP address and port number. Do not change the TargetDir within this
row, it will import from the previously edited row. Both the IP and port should be entered without speech
mark, as shown below.
Figure 4 - Editing the parameters
Once these values have been edited, select transform > Generate Transform from the top menu.
Figure 5 - Generate Transform
This will prompt a save as screen, name the file and click save.
Figure 6 - Save
Page|4
PC Power Down - MSI Deployment Guide
4. MSI Deployment
4.1. Group Policy introduction
You can use Group Policy to assign or to publish software to users or computers in a domain. Additionally, it is
useful to be able to deploy software based on group membership. A Group Policy object (GPO) is usually applied
only to members of an organizational unit (OU) to which the GPO is linked. Because a user/computer cannot be
located in several OUs at the same time, you must be able to apply Group Policy settings outside the boundaries
of OUs. This article will describe how to create an OU and deploy your software using a GPO.
4.2. Assign software to a group
Create a folder to hold the MSI package on a server. Share the folder by applying permissions that let users
and computers read and run these files. Then, copy the MSI package files into this location.
From a Windows 2000-based computer in the domain, log on as a domain administrator, and then start Active
Directory Users and Computers.
From the control panel select administrative tools > Active Directory Users and Computers.
Figure 7 - Group Policy
Note You can apply Group Policy settings to domains, sites, and OUs.
In Active Directory Users and Computers, right-click the container to which you want to link the GPO, click
Properties, and then click the Group Policy tab.
Page|5
PC Power Down - MSI Deployment Guide
Figure 8 - Container properties
Create a new GPO for installing your MSI package, and then give the new GPO a descriptive name.
Figure 9 - Group Policy Editor
While the new GPO is selected, click Edit. This starts the Group Policy Object Editor.
Page|6
PC Power Down - MSI Deployment Guide
Notes
The Software Settings folder under Computer Configuration contains software settings that apply to
all users who log on to the computer. This folder contains software installation settings. It may also
contain other settings that are put there by independent software vendors.
The Software Settings folder under User Configuration contains software settings that apply to
users regardless of which computer they log on to. This folder also contains software installation
settings. It may contain other settings that are put there by independent software vendors.
Figure 10 - New package
Open and then right-click Software installation in the GPO, and then click New Package.
You are prompted for the path of the Windows Installer file (.msi) for this package. View the network
location that contains the Windows Installer file, click the file, and then click Open.
Warning If the Windows Installer file resides on the local hard disk, do not use a local path. Instead, use the
UNC path of the local computer to indicate the location of the installation files. A UNC path takes the form
\\servername\sharename\path\filename.msi.
In the Deploy Software dialog box, do one of the following:
Click Assigned to use default settings for the deployment properties.
Click Advanced to manually edit the package properties instead of accepting the defaults. You can
also choose between assign and publish for the deployment method.
When you are prompted to choose between Advanced and Assigned, click Assigned unless you want to
apply an MST.
You should now see the software package in the details pane of the Group Policy Object Editor. For this
example we shall pick advanced to document applying an MST.
Page|7
PC Power Down - MSI Deployment Guide
Figure 11
Figure 12
To add an MST click the modification tab and select Add. Select the MST from the file dialog screen.
Please ensure that the file permissions for the MST folder have been set correctly.
Page|8
PC Power Down - MSI Deployment Guide
Figure 13
Click your GPO, and then click Properties.
1. Click the Security tab.
2. Click Authenticated Users in the Group or user names list, and then click Remove.
3. Click Add, select the security group that you want this policy applied to, and then click OK to add the
security group to the list.
4. Select the security group, and then under Permissions for Users, click to select the READ and the
Apply Group Policy check boxes in the Allow column.
5. Click Apply, click OK, click Apply, and then click OK.
The software package appears in the details pane of the Group Policy Object Editor.
Changes to a GPO are not immediately applied on the target computers. Instead, changes are applied
according to the current Group Policy update interval. You can use the Secedit.exe command-line tool to
impose GPO settings upon a target workstation immediately.
Page|9
PC Power Down - MSI Deployment Guide
5. Troubleshooting
5.1. Introduction
Various points during the GPO push of the MSI package may fail. In the majority of cases, the failure is due to
incorrect permissions for the computer account to access the GPO, defined package, physical package, or
authentication problems. Also, an improperly configured MSI setup file may cause installation failures.
5.2. GPO
Problem: You do not see the message box at startup stating the MSI package is being installed.
Resolution:
There are a few possibilities that can contribute to this. Check to ensure the target machine is located within the
OU where the GPO containing the software deployment is applied. Also, check the permissions on the OU and
GPO to ensure Domain Computers (or Authenticated Users) have both READ and APPLY GROUP POLICY rights.
Also ensure the defined package object within the GPO has the appropriate rights for Domain Computers. Also,
your GPO definition may not have fully replicated through the Active Directory domain. Either wait a while for
replication to occur, or run gpupdate.exe /force at the command line of one client to test it's working.
Problem: Cannot create GPO object.
Resolution: Ensure that the account you are using to run the Active Directory Users and Computers application
has sufficient rights to create Group Policies. Usually, you must be a member of the Group Policy Creator Owners
group explicitly or implicitly by nested groups. See your local OU administrator to verify your group membership
and to delegate the ability to create Group Policies.
Problem: You updated the MSI installer file, but machines do not get updated automatically.
Resolution: You must redeploy the Package Object within the GPO. Right-click on the Package Object and select
All Tasks\Redeploy Application –OR- use the built-in versioning techniques of Package Objects (see Microsoft
Knowledge Base for more info on using versioning of Software Package Objects).
Problem: Other administrators cannot redeploy the software or edit the GPO. Only the original creator or
Domain Administrators can.
Resolution: Check the security permissions on both the Package Object and the GPO to ensure intended
administrators can Read/Write/Modify the objects accordingly.
Problem: The Application Event Viewer indicates errors that the MSI package installation failed with an error
‘Package source not located’.
Resolution: This indicates that the local computer read and tried to apply the GPO and MSI Package object, but
could not access the physical .MSI file. Check the permissions on the share containing the MSI file to ensure
Domain Computers (or Authenticated Users) have at least READ access rights. It is also possible that the Package
Object was created using the physical path (C:\Apps\Installer.MSI) instead of the UNC path
(\\server\share\Installer.MSI). Also, the Package Object may reference the FQDN of the share path
(\\server.domain.com\share\Installer.msi
You can manually verify the computer account has access to the share and MSI installer file by attempting to
connect to the share as the local computer account (NT Authority\System) by performing the following:
1. On the target computer, log in as an administrator.
2. Schedule an AT job for 1 minute ahead of the current time to launch a command prompt as NT
Authority\System:
C:\> at 1:00pm /interactive cmd.exe
P a g e | 10
PC Power Down - MSI Deployment Guide
3. After the command prompt window appears, you will have NT Authority\System access.
4. Attempt to list the contents of the share using the UNC path:
C:\> dir \\server\share - You should receive a directory listing of the files on the share
5.3. MSI & MST
MSI Installation on client PCs would have logs within the Event Viewer. Useful information is provided to check
where the issue may be.
If MSI installation is corrupt then you may not be able to install or uninstall. To remove the corrupt installation
please run the MSI removal utility provided by Microsoft. This utility removes all traces of the corrupt MSI
installation.
All windows client machines would have to have the latest service packs provided from Microsoft as the
Windows installer are different on different service packs.
When creating MST’s verify that the installation directory is correct for Windows Vista installations –
C:\ProgramData\PC Power Down
And for Windows XP C:\Program Files\PC Power Down
Also verify that the IP address of the server is correct and reachable on the network.
P a g e | 11
Related documents
Job Description - European Evaluation Society
Job Description - European Evaluation Society
SHOPS Technical Specialist SOW Mar 25 2015
SHOPS Technical Specialist SOW Mar 25 2015
MSI and Coffey logo SOW template 10-2011
MSI and Coffey logo SOW template 10-2011
SHOPS Evaluation Specialist
SHOPS Evaluation Specialist
Strategic Action Council of Northwest Louisiana, Inc. Minority
Strategic Action Council of Northwest Louisiana, Inc. Minority
INSTRUMENTATION ENGINEER
INSTRUMENTATION ENGINEER
1 Installation
1 Installation
the presentation
the presentation
MCSE AND SYSTEM ADMINISTRATOR JOB INTERVIEW
MCSE AND SYSTEM ADMINISTRATOR JOB INTERVIEW
Download
advertisement