Group Policy Installation

Hi experts,
My client's environment is tightly controlled and this causes me issues whenever we need to upgrade B1. As such i would to develop a Group Policy and have the upgrade triggered remotely when the user logs in to the computer.
Has anyone explored this avenue?
thx,
Richard.

Similar Messages

Flash Player group policy installation

Hi All,
Consider the following scenario:
BigCorp deploys thier Flash player the Group Policy Software Installation (GPSI).
BigCorp rolls out the latest version of Flash player to thier site. Although BigCorp has followed all thier testing plans, and not noticed errors - users begin to report issues with a line of business app which uses Flash.
Admins at BigCorp disable the policy which installed the latest version of Flash payer, and re-enable the previous version. Affected users reboot thier machines and they hang indefinatley at the GPSI instllation stage.
This behaviour appears to be by design, but the behaviour of the installer is not sane at this point.
I believe that this issue is caused by the feature noted at http://kb2.adobe.com/cps/402/kb402435.html - since removing HKEY_LOCAL_MACHINE\SOFTWARE\Macromedia\FlashPlayer\SafeVersions prevents this from happening. (Specific versions are listed, and appear to work as one might expect; i.e. remove the DWORD value at HKEY_LOCAL_MACHINE\SOFTWARE\Macromedia\FlashPlayer\SafeVersions\10 and earlier versions can be installed)
The reason for the indefinate wait during installation of a downlevel version appears to be that the installer is displaying a dialog box that has been suppressed by GPSI since it is, I imagine, waiting for a response from the user that it will never recieve. At this point the only way to allow the machine to complete a reboot is to either a)disonnect the network b) force the policy to fall out of scope.
Evidence for this can be obtained from the %windir%\system32\macromed\Flash\install.log; specifically the line:
MessageBox: 12582960,"The version of Adobe® Flash® Player ActiveX that you are trying to install is not the most current version. Please visit http://www.adobe.com/go/getflashplayer to obtain the latest, most secure version."
Whilst I can understand (to some extent) the design of this feature - preventing the installation of an older client in this manner is disruptive to Adobe's clients.
It would be advantageous if we could override this using an MSI property. For example the Safe Versions features is in effect, unless the notional IGNORESAFEVERSIONS property is set to 'YES'. (Perhaps Adobe could consider this a feature request?)
This would afford protection for the maximum number of customers, but allow users with a business need to roll back to an older version of Flash player to shoulder the responisbility of running an older version.
http://kb2.adobe.com/cps/141/tn_14157.html is NOT a sensible solution for customer who are relient on GPSI for Flash Player installation. Repeatedly running the downloadable uninstaller is not a sane thing to do, as far as I can tell.
I've only tested this with the Adobe supplied MSI (not the in-browser installer) as I have thousands of machines to deploy this to.
Does anyone else have issues with this, and how do you get around them?

Hi,
Apologies for digging up this thread but this issue has meant that I haven't deployed any updates to the Flash Player ActiveX since 10.0.45.2 for fear that it'll break my whole GP software deployment.
Firstly, I don't think Adobe will ever do 'the right thing' and introduce a new MSI property to make the install ignore any existing SafeVersions registry keys because I don't think they can; the actual ActiveX install is a custom action that calls an external executable embedded within the MSI that doesn't use Windows Installer technology so it wouldn't be aware of any MSI properties.
However, I've recently revisited this problem and I think I may have come up with a solution.
The trick I've employed is to ensure that the HKLM\Software\Macromedia\FlashPlayer\SafeVersions registry key gets removed during the MSI uninstall routine. To do this you need to modify the MSI to add a new row into the Registry table.
You can do this by generating a transform using Orca, like so;
Registry = [any unique value you like]
Root = 2
Key = Software\Macromedia\FlashPlayer\SafeVersions
Name = *
Value = [Blank]
Component = ISRegistryComponent
The important bit is the asterix against the Name value. This tells the MSI to always remove that registry key upon uninstall no matter what existing values are contained within the key. Once that key is gone you can install any other version of Flash Player you like, even older versions.
This whole method of deployment relies on a couple of things to work though;
You must ensure that Flash Player auto updates are turned off for all your workstations that have Flash Player installed using Group Policy. http://kb2.adobe.com/cps/167/16701594.html describes this method. Note that for x64 machines you must place the MMS.CFG file under %systemroot%\SysWOW64\Macromed\Flash and not %systemroot\SysWOW64 like the document says. This ensures that your users don't manually update Flash Player out of your control and with an MSI that doesn't employ the fix as above.
Ensure that all future versions of Flash Player are pushed out using Group Policy and that you use the transform file above for each one. If you do this you can roll back to a previous version without issue.
Assign the MSI to your computers rather than users
I've only ever 'replaced' Flash Player in Group Policy when rolling out a new version rather than upgrade it. This means that the existing version is completely uninstalled before the new one. That's not to say that upgrades won't work, it's just that I've never tried it.
EDIT: 'Upgrading' previous MSI's works fine.
One last thing to note though is if you've already assigned Flash Player using Group Policy you can directly modify the install_flash_player_10_active_x.msi that was used to include the above registry row (ie, not using a transform) and then re-deploy it. This ensures that the SafeVersions key will be removed right from the start if it is ever uninstalled. Of course, if any of your users have manually upgraded to a newer version since then this won't work - in that case you'll have to remove the SafeVersions key manually, perhaps using a VB script (ideally at machine shutdown).
I hope this information helps anyone who's had a headache with deploying Flash Player through Group Policies.
Cheers,
Zinc
Message was edited by: Zinc666

11.5.2.602 Group Policy Installation issues

Consider the following scenario:
BigCorp wants to deploy a limited amount of software to their MS Windows desktop service, such that they can provide a rich browsing experience at login after a machine is joined to the domain. To facilitate this, they deploy browser plug-ins such as Flash and Shockwave using group policy software installation (GPSI).
This is a sensible decision, as there are vendor provided MSIs available to use and it ensures that the software is easily managed (upgrades, removal etc)
When attempting to deploy Shockwave v11.5.2.602 an incorrect repair of the MSI is triggered on first use of the software for each user.
On a standalone, otherwise clean, Windows XP SP3 machine with IE7:
1. Install the software as a user with the correct rights (AdminUser), using the MSI direct from Adobe.
2. Logout AdminUser and Login StandardUser
3. Visit http://www.adobe.com/shockwave/welcome/ - At this point the MSI runs a repair and logs the following to the application event log:
Event Type: Warning
Event Source: MsiInstaller
Event Category: None
Event ID: 1004
Date: 02/12/2009
Time: 09:30:48
User: IT-2220-VM4\Standard
Computer: IT-2220-VM4
Description:
Detection of product '{7D0F2155-D7D3-42CE-903F-684ADD77FF89}', feature 'Adobe_Shockwave_Player_', component '{E89F323D-7BDB-46E1-A0FD-6227821F94EA}' failed. The resource 'C:\Documents and Settings\AdminUser\Application Data\Adobe\' does not exist.
Event Type: Warning
Event Source: MsiInstaller
Event Category: None
Event ID: 1001
Date: 02/12/2009
Time: 09:30:48
User: IT-2220-VM4\Standard
Computer: IT-2220-VM4
Description:
Detection of product '{7D0F2155-D7D3-42CE-903F-684ADD77FF89}', feature 'Adobe_Shockwave_Player_' failed during request for component '{3D3697FC-DB90-46D8-9ED4-5D54B4901F62}'
*** Please note the path in EventID 1004 above (C:\Documents and Settings\AdminUser\Application Data\Adobe\) has been generated whilst logged in as StandardUser NOT AdminUser. ***
This condition will always be true, since there is no read permission on another users profile for a standard user account. Granting this right is not desirable in a roaming profile environment. This repair will be triggered for each and every user of the machine.
Though this repair appears to be non-destructive and doesn't appear to inhibit successful removal, it is undesirable behaviour.
Furthermore, and as other have mentioned, loading a shockwave item in a browser (IE7 in our case) also results in the following entry in the system event log:
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10000
Date: 02/12/2009
Time: 09:30:49
User: IT-2220-VM4\Standard
Computer: IT-2220-VM4
Description:
Unable to start a DCOM Server: {1F3CB77D-D339-49E0-B8E4-FECD6D6F8CB8}. The error:
"The filename, directory name, or volume label syntax is incorrect. "
Happened while starting this command:
C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE" -Embedding
We are keen to move to the latest version of Shockwave, for the obvious reasons, but these issues are going to make it difficult to get through our change management processes; as the package doesn't meet the requirements we have laid out for our user experiences.
Can someone at Adobe comment on the reason for this undesirable behaviour and how it came about? Can we expect later versions of Shockwave to exhibit the same behaviour?

Hi,
I have posted an MST file which fixes this and other issues to the following thread here:
http://forums.adobe.com/message/2697135#2697135
Please post any feedback to that thread!
Kind regards,
Chris Hill

Group Policy control of ActiveX installation

Our users are on Windows 8.1 and IE 11.
We use SQL reporting services at our company. Our users run reports from the Report Manager, which uses an ActiveX control to enable printing.
I need to allow our normal users to install this ActiveX control. Looking at this page http://technet.microsoft.com/en-us/library/dn454941.aspx I added the CLSID of the control to a GPO under
Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management. I linked
this GPO to an OU.
Even after making sure the policy was applied to the the computer, this ActiveX control still required popped a UAC dialog to allow the installation of this control.
What do I need to do to make this work?

Hi,
Please follow these steps:
Step 1: Convert ActiveX exe or cab file to MSI package
===================================
Install visual studio installer to create .msi package of ActiveX Control
Downloaded free Visual Studio installer from
http://msdn.microsoft.com/en-us/vs2005/aa718352.aspx
But this requires Visual Studio 6.0 to be installed
Step 2: Place the package in network share where all the users have access
Step 3: Create an organizational unit (OU) in active directory
Step 4: Add a group policy object (GPO) to the OU
Step 5: Publish the package using this GPO
=============================
1. Open Group Policy editor and go under User Configuration > Software Settings ->"Software Installation"
2. Right-click, select new > package, and browse to the package (make sure it's on a network location that all of his users will be able to access, because this is going to become the distribution point)
3. Once you choose a package, choose "Advanced" from the options list
4. On the Deployment tab, select "Assigned", click the "Advanced" button at the bottom, and make sure that "Include OLE class and product information" is checked, and that "Make this 32bit x86 application available to Win64
machines" Also, on the "Deployment" tab, make sure that "Install this application at logon" is checked.
After that, please be assured that we need to run gpupdate /force command on the client machines after applying the group policy on the server side.
Now log in to client machine using the user login created in the OU to check if it can work properly.
For more information, please refer to this article:
How To Install ActiveX Controls in Internet Explorer Using the Active Directory
http://support.microsoft.com/kb/280579
Karen Hu
TechNet Community Support

Installation blocked by group policy designed to prevent CryptoLocker

We have followed the steps outlined by bleepingcomputer.com to prevent as best we can the CryptoLocker virus. Link to article: http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information#prevent
Please update your Reader installer to not use %AppData%\Local\Temp\. The CryptoLocker prevention method involves blocking that and the following paths. I know many businesses using these techniques.
Block CryptoLocker executable in %AppData%
Path: %AppData%\*.exe
Security Level: Disallowed
Description: Don't allow executables to run from %AppData%.
Block CryptoLocker executable in %LocalAppData%
Path if using Windows XP: %UserProfile%\Local Settings\*.exe
Path if using Windows Vista/7/8: %LocalAppData%\*.exe
Security Level: Disallowed
Description: Don't allow executables to run from %AppData%.
Block Zbot executable in %AppData%
Path: %AppData%\*\*.exe
Security Level: Disallowed
Description: Don't allow executables to run from immediate subfolders of %AppData%.
Block Zbot executable in %LocalAppData%
Path if using Windows XP: %UserProfile%\Local Settings\*\*.exe
Path if using Windows Vista/7/8: %LocalAppData%\*\*.exe
Security Level: Disallowed
Description: Don't allow executables to run from immediate subfolders of %AppData%.
Block executables run from archive attachments opened with WinRAR:
Path if using Windows XP: %UserProfile%\Local Settings\Temp\Rar*\*.exe
Path if using Windows Vista/7/8: %LocalAppData%\Temp\Rar*\*.exe
Security Level: Disallowed
Description: Block executables run from archive attachments opened with WinRAR.
Block executables run from archive attachments opened with 7zip:
Path if using Windows XP: %UserProfile%\Local Settings\Temp\7z*\*.exe
Path if using Windows Vista/7/8: %LocalAppData%\Temp\7z*\*.exe
Security Level: Disallowed
Description: Block executables run from archive attachments opened with 7zip.
Block executables run from archive attachments opened with WinZip:
Path if using Windows XP: %UserProfile%\Local Settings\Temp\wz*\*.exe
Path if using Windows Vista/7/8: %LocalAppData%\Temp\wz*\*.exe
Security Level: Disallowed
Description: Block executables run from archive attachments opened with WinZip.
Block executables run from archive attachments opened using Windows built-in Zip support:
Path if using Windows XP: %UserProfile%\Local Settings\Temp\*.zip\*.exe
Path if using Windows Vista/7/8: %LocalAppData%\Temp\*.zip\*.exe
Security Level: Disallowed
Description: Block executables run from archive attachments opened using Windows built-in Zip support.

Hi, I am using a toshiba personal laptop, windows 7 home premuim. No one else uses it, nor have i brought it to any buisness , other home, etc.
I have been blocked by group policy for 3 months. I have spend over 200 dollars on ITs to only tell me they have never seen this before, and to buy a new laptop.. I have no idea why i am the admin, and only user yet all i can open is aol.
I am at my wits end, and will go buy another laptop, deffenitly nothing like this one.. I have lost alot of time and money trying to fix this, late payments etc
thanks for any input
aimee
oh my isp is cox, and i have a router
reading this I am able to identify that you are contaminated with malware, it may has also affected your recovery
try recovery to factory fresh and then install Microsoft Security Essentials so that you have 1/2 a chance next time
Corsair Carbide 300R with window
Corsair TX850V2 70A@12V
Asus M5A99FX PRO R2.0 CFX/SLI
AMD Phenom II 965 C3 Black Edition @ 4.0 GHz
G.SKILL RipjawsX DDR3-2133 8 GB
EVGA GTX 6600 Ti FTW Signature 2(Gk104 Kepler)
Asus PA238QR IPS LED HDMI DP 1080p
ST2000DM001 & Windows 8.1 Enterprise x64
Microsoft Wireless Desktop 2000
Wacom Bamboo CHT470M
Place your rig specifics into your signature like I have, makes it 100x easier to understand!
Hardcore Games Legendary is the Only Way to Play!

Software Installation Processing Alerts - Group Policy Failures?

Hello,
I am getting several errors reported by SCOM Software Installation Processing alert
In the local event log I have:
Warning 9/15/2014 11:09:37 AM GroupPolicy 1112 None
Warning 9/15/2014 11:09:37 AM Application Management Group Policy 108 None
Error 9/15/2014 11:09:37 AM Application Management Group Policy 103 None
Warning 9/15/2014 11:09:37 AM Application Management Group Policy 101 None
with the details:
101 - The assignment of application SMS Client Setup Bootstrap from policy MITS Servers Software failed. The error was : %%1274
103 - The removal of the assignment of application SMS Client Setup Bootstrap from policy MITS Servers Software failed. The error was : %%2
108 - Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %%1274
1112 - The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
- Computer Configuration > Policies > Administrative Templates > System > Group Policy > Policy > Startup policy processing is enabled
what does exactly this means?
Thanks,
Dom
System Center Operations Manager 2007 / System Center Configuration Manager 2007 R2 / Forefront Client Security / Forefront Identity Manager

Hi,
Yes the packaged is installed.
Troubleshooting the issue deeper with http://support.microsoft.com/kb/249621/en-us is showing
Software installation extension has been called for background policy refresh
09-16 06:34:09:346
Software installation extension has been called for background policy refresh
The following policies are to be applied, flags are 11.
MITS Servers Software (unique identifier {E76FB561-E177-421D-AE43-109EADEAD751})
System volume path = \\ad.medctr.ucla.edu\sysvol\ad.medctr.ucla.edu\Policies\{E76FB561-E177-421D-AE43-109EADEAD751}\Machine
Active Directory path = LDAP://CN=Machine,cn={E76FB561-E177-421D-AE43-109EADEAD751},cn=policies,cn=system,DC=ad,DC=medctr,DC=ucla,DC=edu
Set the Active Directory path to LDAP://CN=Class Store,CN=Machine,cn={E76FB561-E177-421D-AE43-109EADEAD751},cn=policies,cn=system,DC=ad,DC=medctr,DC=ucla,DC=edu;.
Enumerating applications in the Active Directory for computer MSVROFAS2 with flags 5.
The following applications were found in policy MITS Servers Software.
Assigned application SMS Client Setup Bootstrap (flags a0044c70).
Found 1 applications in policy MITS Servers Software.
Enumerating the managed applications which are currently applied to this user.
No managed applications are currently applied to this user.
Found 0 applications locally that are not included in the set of applications from the Active Directory.
Application SMS Client Setup Bootstrap from policy MITS Servers Software is set for installation because it is assigned to this computer policy.
Software installation extension cannot perform removal or install operations during asynchronous policy refresh and will force a synchronous foreground refresh.
The assignment of application SMS Client Setup Bootstrap from policy MITS Servers Software failed. The error was : %1274
Removing application SMS Client Setup Bootstrap from the software installation database.
Calling Windows Installer to remove application advertisement for application SMS Client Setup Bootstrap from script C:\Windows\system32\appmgmt\MACHINE\{ecbf218d-0d04-4b00-a43e-91ba5c41d119}.aas.
Windows Installer cannot remove application advertisement for application SMS Client Setup Bootstrap from script C:\Windows\system32\appmgmt\MACHINE\{ecbf218d-0d04-4b00-a43e-91ba5c41d119}.aas, error 2.
The removal of the assignment of application SMS Client Setup Bootstrap from policy MITS Servers Software failed. The error was : %2
Policy Logging for Software Management is attempting to log application SMS Client Setup Bootstrap from policy MITS Servers Software.
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was : %1274
Software installation extension has detected changes that require a synchronous foreground policy refresh.
Software installation extension returning with final error code 1274.
And this is happening hourly !!!
This is the current status...
Thanks,
Dom
System Center Operations Manager 2007 / System Center Configuration Manager 2007 R2 / Forefront Client Security / Forefront Identity Manager

Software Installation - Group Policy

I created a group policy objects to include software installation of both Adobe Flash Player ActiveX and NANPI but they did not update both on several systems that I tested on.
UNC Path to both MSI files are good and I checked permission, it should not be any problem for these systems to access both MSI files. My goal is to update existing Adobe Flash to latest version and to install them if any system do not have them.
I do not understand why Group Policy failed to update Adobe Flash ActiveX and NANPI version 14 to 16 on both systems.

Application Event Log is showing this:
Application Management Group Policy
General
Failed to apply changes to software installation settings. The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. The error was
: %%1274
Detail
-> Event Data: The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon. 1274
Do you have any idea what this can be causing this problem?

Fireworks 8 Installation Problem via Group Policy

Hi,
We are trying deploy Studio 8 across our site using the
provided MSI's and Group Policy following this guide -
http://www.adobe.com/cfusion/knowledgebase/index.cfm?id=332882
I have created the mst files for all products and set them to
be deployed by group policy. Dreamweaver, Flash, Contribute, Flash
Video Encoder and Flash Extensions Manager all install fine however
Fireworks will not, looking in the event log it doesn't even
attempt to install. All folders have the same permissions, the MSI
& MSTs are all part of the same Group Policy Object using the
"Software Installation" method with the same permissions.
Fireworks will install using MSIEXEC from the command line so
the package and mst are fine.
Has anyone else come across this problem?
Thanks
Matt

We are having the same issue here at our NSW High School. I
have traced the problem to be that Fireworks wants to deploy in
Chinese (instead of English) and because of this it will not
install. I am looking for a way to convert the msi file to an mst
so I can choose English as the default install language.
Hope this info is useful

MSI Package Software Installations and uninstallations by group policy and sccm

Hi,
            I have a domain comprising approx. 30 ADCs, 5000 clients and 50 OUs. Our developers have created a c# Program for fetching some information from client machines and displaying them on their
screen on bootup (presence of 2 particular softwares, antivirus presence and its update date, OS patches updation etc... ). This program(.msi) and .net framework 4.0 is required to be pushed to all client machines. We have SCCM server through which we can
push software to be installed on clients. There are no. of ADCs for controlling different sites and OUs. Now I need to push this msi and .net framework to all clients. Dotnet framework I pushed from SCCM & it is successful.
Till today I have pushed this .MSI package using Group policy software installation settings using a local sharepath & sysvol.
In Local Share path , MSI source is availbale at only one ADC and all clients contact this adc only to install software and its taking very long time to boot.
Using Sysvol share path , MSI Source is available at All ADC and All Clients Contact their Site's ADC to install software.Only Win 7, win 8 machines are getting install and software is not able to install on XP and vista machine. What might be the
problem for xp machine getting it from sysvol path?
The error for XP machines is that Sysvol path is not accessible/ source is not available.
   Now I need to have some other fullproof method to apply it. How I need to push this .MSI packages to all sites (ADCs) in my child domain from my PDC.
   I want to know the steps & methods for installing & uninstalling this .MSI package using Group policy and SCCM as well.
   Thanks for replying...

Hi,
Based on your description, I want to confirm whether we have more than one domain. If we have more than domain, it is suggested that we can push the
MSI package from each domain.
Regarding how to use Group Policy to remotely install software, the following article can be referred to for more information.
How to use Group Policy to remotely install software in Windows Server 2008 and in Windows Server 2003
http://support.microsoft.com/kb/816102/en-us#method1
In addition, you also mentioned how to use SCCM to do this, in order to get better assistance, we can ask help in the following SCCM forum.
System Center Configuration Manager
http://social.technet.microsoft.com/Forums/systemcenter/en-US/home
Best regards,
Frank Shen

Group policy software installs to remote users without VPN

Matt:Funny you should ask this, I justpublished a post in the Active Directory groupon how to extend AD domain services to remote users without the cost and complexity ofa traditional VPN. While DirectAccess provides a viable option, it requires Windows 7 Enterprise clients and there are a lot of moving parts to making it work (see this article).Pertino gives you the functionality and end user transparency of DirectAccess, but it works with any Windows 7 client version as well as Macs and is super simple to deploy and administer.Here's a video that shows you how.If it looks like it might work for you, you can try Pertino free for 30-days by goinghere.

If you were able to configure DirectAccess; your remote users would be connected to the corporate network without a VPN at all times - though I'm thinking this is not applicable to your situation.
But strictly speaking, you cannot use Group Policy Software Installation to manage software on computers that are not connected to the corporate network. 1) They are unable to retrieve the policy, and 2) unable to retrieve the software package.
You would need a 3rd party solution for this.

Installation using Group Policy

Captivate is being deployed to some workstations in our
office and I would like to use a Windows 2000 Group Policy to do
this. I have not found any documentation regarding this. Is it
possible to deploy this way?

Captivate's license is a single-machine license so far as I
know (... and I'm a complete blank about "Group Policies" as I've
never even seen the term before - sorry).
Beyond that, you will probably have to contact someone at
Adobe Sales. Your question is really outside the realm of these
user-to-user forums. Good luck!

Deploying Creative Cloud for Teams via Group Policy

Good afternoon, we are trying to deploy our Creative Cloud for Teams products. Our ideal situation would be where we are able to deploy the Creative Cloud Software (e.g. including Photoshop, InDesign, Illustrator, etc) using Group Policy, then assign the respective user licenses using the Management Console. This would send out the email to the applicable user for them to create and Adobe ID, and use the software that has been installed. However, we are able to install the software using Group Policy Deployment using the msi created using the Creative Cloud Packager, but any user is able to use the software on the PC, not just the person who has been assigned the licence via the console email. Is anyone else successfully deploying in this way?
Kind regards
Mel

Team license links that may help
-team plans https://creative.adobe.com/plans?plan=team
-http://www.adobe.com/creativecloud/buy/business.html
-https://helpx.adobe.com/contact/creative-cloud-teams.html for Team help
-manage your team account http://forums.adobe.com/thread/1460939?tstart=0
-Team Installer http://forums.adobe.com/thread/1363686?tstart=0

Outlook 2013 - wrap text group policy applied, not working with or without digital signature

Hello,
I'm adding group policies to apply on our new installations of Windows 8.1 with Office 2013. One of the settings being applied is enforcing plain text emails and wrapping text at a certain number of characters. Policies are being added using the Outlook
2013 admx.
When I check the options inside Outlook 2013 the group policy did apply successfully (File, Options, Mail, scroll down to Message Format) The option to "Automatically wrap text at character:" is set to 132 and not adjustable as it should be.
In the group policy I have it set to wrap at 132 characters, but when I go to a client machine and send a digitally signed email, it wraps at the default 76 characters. This makes for very annoying short blocky emails and multi-line hyperlinks.
If I do not digitally sign the email then the text doesn't wrap at all! (until it meets the end of the window). So under no circumstances is it wrapping at 132 where it's supposed to.
Thanks,
-Nick

Hi,
What is your account type in Outlook? Exchange or others?
Please also let me know the email format that you are sending, Plain Text, HTML or Rich Text Format.
You can try sending the same emails in Outlook Safe Mode:
Press Win + R and type “outlook.exe /safe” in the blank box, then press Enter.
If there’s no problem in Safe Mode, disable the suspicious add-ins to verify which add-ins caused this issue.
Thanks,
Melon Chen
Forum Support
Come back and mark the replies as answers if they help and unmark them if they provide no help.
If you have any feedback on our support, please click
here

MSI not installing via Group Policy - Insists location does not exist

Hi
I am creating a group policy object whereby I am pointing my software package installation to \\192.168.1.3\GPO\MSOCached32bit.msi
The location has permissions for the machine accounts on both the share and the ntfs permissions with read only access.
I have created an OU and moved a Windows XP machine into it, linked the GPO and made sure that the XP machine is not using optimised log on.
From the machine I can reach the share and see the file from the path above.
However each time I reboot the machine I am testing on the installation fails, the exact error being:
The install of application MSO from policy MSO Installation failed. The error was : The installation source for this product is not available. Verify that the source exists and that you can access it.
This is rather odd, since I can see it, the machine account has permissions to see it and I cannot see what the problem is.
I have then gone on to enable verbose logging of the MSI installer which has produced the following:
=== Verbose logging started: 18/08/2011 15:36:18 Build type: SHIP UNICODE 3.01.4001.5512 Calling process: \??\C:\WINDOWS\system32\winlogon.exe ===
MSI (c) (AC:B0) [15:36:18:666]: Resetting cached policy values
MSI (c) (AC:B0) [15:36:18:666]: Machine policy value 'Debug' is 7
MSI (c) (AC:B0) [15:36:18:666]: ******* RunEngine:
           ******* Product: {96b77fe2-a045-4f3f-9a73-1bf359d0eaaf}
           ******* Action:
           ******* CommandLine:
MSI (c) (AC:B0) [15:36:18:666]: Client-side and UI is none or basic: Running entire install on the server.
MSI (c) (AC:B0) [15:36:18:666]: Grabbed execution mutex.
MSI (c) (AC:B0) [15:36:18:736]: Cloaking enabled.
MSI (c) (AC:B0) [15:36:18:736]: Attempting to enable all disabled priveleges before calling Install on Server
MSI (c) (AC:B0) [15:36:18:736]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (B4:CC) [15:36:18:756]: Grabbed execution mutex.
MSI (s) (B4:D0) [15:36:18:766]: Resetting cached policy values
MSI (s) (B4:D0) [15:36:18:766]: Machine policy value 'Debug' is 7
MSI (s) (B4:D0) [15:36:18:766]: ******* RunEngine:
           ******* Product: {96b77fe2-a045-4f3f-9a73-1bf359d0eaaf}
           ******* Action:
           ******* CommandLine: CURRENTDIRECTORY="C:\WINDOWS\system32" CLIENTUILEVEL=3 CLIENTPROCESSID=940
MSI (s) (B4:D0) [15:36:18:766]: Machine policy value 'DisableUserInstalls' is 0
MSI (s) (B4:D0) [15:36:18:766]: User policy value 'SearchOrder' is 'nmu'
MSI (s) (B4:D0) [15:36:18:766]: User policy value 'DisableMedia' is 0
MSI (s) (B4:D0) [15:36:18:766]: Machine policy value 'AllowLockdownMedia' is 0
MSI (s) (B4:D0) [15:36:18:766]: SOURCEMGMT: Media enabled only if package is safe.
MSI (s) (B4:D0) [15:36:18:766]: SOURCEMGMT: Looking for sourcelist for product {96b77fe2-a045-4f3f-9a73-1bf359d0eaaf}
MSI (s) (B4:D0) [15:36:18:766]: SOURCEMGMT: Adding {96b77fe2-a045-4f3f-9a73-1bf359d0eaaf}; to potential sourcelist list (pcode;disk;relpath).
MSI (s) (B4:D0) [15:36:18:766]: SOURCEMGMT: Now checking product {96b77fe2-a045-4f3f-9a73-1bf359d0eaaf}
MSI (s) (B4:D0) [15:36:18:766]: SOURCEMGMT: Media is enabled for product.
MSI (s) (B4:D0) [15:36:18:766]: SOURCEMGMT: Attempting to use LastUsedSource from source list.
MSI (s) (B4:D0) [15:36:18:766]: SOURCEMGMT: Processing net source list.
MSI (s) (B4:D0) [15:36:18:766]: SOURCEMGMT: Trying source \\192.168.1.3\GPO\.
MSI (s) (B4:D0) [15:36:19:427]: Note: 1: 1314 2: \\192.168.1.3\GPO\
MSI (s) (B4:D0) [15:36:19:427]: ConnectToSource: CreatePath/CreateFilePath failed with: -2147483648 1314 -2147483648
MSI (s) (B4:D0) [15:36:19:427]: ConnectToSource (con't): CreatePath/CreateFilePath failed with: -2147483648 -2147483648
MSI (s) (B4:D0) [15:36:19:427]: SOURCEMGMT: net source '\\192.168.1.3\GPO\' is invalid.
MSI (s) (B4:D0) [15:36:19:427]: Note: 1: 1706 2: -2147483647 3: MSOCached32bit.msi
MSI (s) (B4:D0) [15:36:19:427]: SOURCEMGMT: Processing media source list.
MSI (s) (B4:D0) [15:36:19:437]: Note: 1: 2203 2: 3: -2147287037
MSI (s) (B4:D0) [15:36:19:437]: SOURCEMGMT: Source is invalid due to missing/inaccessible package.
MSI (s) (B4:D0) [15:36:19:437]: Note: 1: 1706 2: -2147483647 3: MSOCached32bit.msi
MSI (s) (B4:D0) [15:36:19:437]: SOURCEMGMT: Processing URL source list.
MSI (s) (B4:D0) [15:36:19:437]: Note: 1: 1402 2: UNKNOWN\URL 3: 2
MSI (s) (B4:D0) [15:36:19:437]: Note: 1: 1706 2: -2147483647 3: MSOCached32bit.msi
MSI (s) (B4:D0) [15:36:19:437]: Note: 1: 1706 2: 3: MSOCached32bit.msi
MSI (s) (B4:D0) [15:36:19:437]: SOURCEMGMT: Failed to resolve source
MSI (s) (B4:D0) [15:36:19:437]: MainEngineThread is returning 1612
MSI (c) (AC:B0) [15:36:19:437]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied. Counter after decrement: -1
MSI (c) (AC:B0) [15:36:19:437]: MainEngineThread is returning 1612
=== Verbose logging stopped: 18/08/2011 15:36:19 ===
As you can see from the above highlighted line, it says its invalid, but I cannot for the life of me understand why?
Thanks in advance for any help!

Hi,
This is not something related to the GPO issue. The issue is with MSI and the packaging. Condition the ResolveSource action.
Try Copying the MSI to local machine using a script and execute it.
ResolveSource actually requires that the original installation source is available whenever it is called. If your installer package is authored correctly, source must only be resolve in cases where the original RTM files are missing or during some patch
uninstall scenarios.
http://blogs.msdn.com/b/heaths/archive/2007/10/25/resolvesource-requires-source.aspx
http://msdn.microsoft.com/en-us/library/aa371232%28VS.85%29.aspx
http://www.appdeploy.com/messageboards/printable.asp?m=48703
If you found this post helpful, please give it a "Helpful" vote. If it answered your question, remember to mark it as an "Answer". This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before
implementing!

Deploying Office 2013 with Group Policy

I would like to deploy Office 2013 using group policy. I am new to group policy so am looking for some advice and guidance on the best way to deploy. I would like to deploy with no interaction with the user but yet display a message so that they
know not to open Office. I would also like to create a custom registry setting so that if I need to re-install, all I have to do is delete the registry setting. I have tried a group policy for installing with OCT settings (Basic, Suppress
Model checked, No Cancel checked, Completion Notice checked) and modifying the Config.xml (<Display Level="Basic" CompletionNotice="yes" SuppressModal="yes" AcceptEula="yes" />) but I can not get it to display
the installer screen so that users know it is installing. It does display the screen when running the setup.exe manually. I have a setting in the OCT that creates the registry setting and that is working correctly. My group policy is set to run the
below bat file at startup in the Computer Configuration.
setlocal
REM *********************************************************************
REM Environment customization begins here. Modify variables below.
REM *********************************************************************
REM Get ProductName from the Office product's core Setup.xml file, and then add "office15." as a prefix.
set ProductName=Office15.Standard
REM Set DeployServer to a network-accessible location containing the Office source files.
set DeployServer="\\xxxxxx\setup.exe"
REM Set LogLocation to a central directory to collect log files.
set LogLocation=\\xxxxx\Logfiles
REM *********************************************************************
REM Deployment code begins here. Do not modify anything below this line.
REM *********************************************************************
IF NOT "%ProgramFiles(x86)%"=="" (goto ARP64) else (goto ARP86)
REM Operating system is X64. Check for 32 bit Office in emulated Wow6432 uninstall key
:ARP64
reg query HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\Microsoft\Windows\CurrentVersion\Uninstall\%ProductName%
if NOT %errorlevel%==1 (goto End)
REM Check for 32 and 64 bit versions of Office 2013 in regular uninstall key.(Office 64bit would also appear here on a 64bit OS)
:ARP86
reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%ProductName%
if %errorlevel%==1 (goto Office) else (goto End)
REM If 1 returned, the product was not found. Run setup here.
:Office
%DeployServer%
echo %date% %time% Setup ended with error code %errorlevel%. >> %LogLocation%\%computername%.txt
REM If 0 or other was returned, the product was found or another error occurred. Do nothing.
:End
Endlocal
Any advice or guidance would be greatly appreciate on how to get a pop up message while software is installing or if there is a better way to deploy.

> but I can not get it to display the installer screen so that users know
> it is installing. It does display the screen when running the setup.exe
> manually. I have a setting in the OCT that creates the registry setting
> and that is working correctly. My group policy is set to run the
> below bat file at startup in the Computer Configuration.
Check http://gpsearch.azurewebsites.net/#2308 - if this is enabled, you
will not be able to show "anything" in startup scripts...
Martin
Mal ein
GUTES Buch über GPOs lesen?
NO THEY ARE NOT EVIL, if you know what you are doing:
Good or bad GPOs?
And if IT bothers me - coke bottle design refreshment :))

Group Policy Installation

Similar Messages

Maybe you are looking for