Should GPO deployment just work?

Hi All,

Quick question I've created a Test OU on AD and put 2 test PCs in it. I then went to GPO deployment and selected to add that specific OU with the option to install on 32 / 64-bit systems. I assumed that after booting up either test machines it should just have had the GPO and install DA. 

That does not seem to be the case, nothing happens at all. Clearly I'm missing something but i'm not quite sure what. 

Sorry if the question is stupid I'm just getting used to a lot of new software in my new role.

  • Hi terry.jeyes,
    Yes, it is expected that the GPO would be applied without a problem under the circumstances that you described in your posting. You might try dropping to a command prompt on the one of the affected systems and perform the GPRESULT /R command. That should tell you if the GPO is getting applied or not. If the GPRESULT does not list the DA GPO as being applied, then you might want to check the Windows Event Viewer to see if there are any problems applying any group policy objects to the machine. If there are any policies that cannot be applied for any reason, it can prevent any other GPOs from being applied.
  • Hi,

    I've got the GPO running on on a test OU with 1 user in it. And I'm still playing around with DA but I'm being pushed to role it out ASAP.

    I am worried about a number of things regarding deployment. If for example I go down the route of using the script to deploy DA and log onto a server it will start to install DA which we don't want on any of our servers is there anyway to stop this from happening?

    Also I've noticed with GPO that it will install the software but does not update the profiles with any changes I make
  • We have the GPO enabled, but I don't think we have ever used it, it seems to take hours/days to do it and we always have logged in to the computer by then. When logging in for the first time using any account that has the SLOGIC profile script, it auto-installs Deskop Authority in the background. Of course now we have it in our standard image so it goes out on all the new builds anyway.

    For servers, under "global options" we have it set to not execute on "member servers" and "domain controllers" and it seems to work fine, it doesn't even install on our servers.

    A reminder - if you put DA into your image for installing on new computers, make sure you remove the GUID first, otherwise inventory reporting won't be accurate (we actually run a rule each year that deletes and rebuilds the GUID on every computer just in case of duplicates)
  • Hello terry.jeyes,

    butlerm is correct, you can use “Exceptions” to prevent Desktop Authority from running on specific/types of machines.

    Client Configuration | Global Options | Common Management Options | Exceptions

    It’s recommended to not put the Desktop Authority (DA) client on an image if possible and let the DA client uniquely install on each machine. However if you are going to put the client on an image then you need to clear the CLSID key on all the machines so that they can be identified individually. Follow This KB for the steps on how to do that.