Lab 05: AD GPO & SW Deployment - squatchulator/Tech-Journal GitHub Wiki

Lab 05: AD GPO & SW Deployment

  • First, head into MGMT01. Go into Server Manager -> ADUC, and create a new OU called Test OU. Now, go back into Server Manager and launch a Powershell instance on AD01 and enter the following commands:
New-ADOrganizationalUnit -Name "Software Deploy" -Path "DC=miles,DC=local"
Move-ADObject -Identity "CN=WKS01-MILES,CN=Computers,DC=miles,DC=local" -TargetPath "OU=Software Deploy,DC=miles,DC=local"
Move-ADObject -Identity "CN=Miles Cummings,CN=Users,DC=miles,DC=local" -TargetPath "OU=Software Deploy,DC=miles,DC=local"
Remove-ADOrganizationalUnit -Identity "OU=Test OU,DC=miles,DC=local"
  • Once that's been done, open Powershell again on MGMT01 and run this command to pull the Putty installer:
Invoke-WebRequest -Uri "https://the.earth.li/~sgtatham/putty/latest/w64/putty-64bit-0.80-installer.msi" -OutFile putty-64bit-0.80-installer.msi
  • In Server Manager, add roles and features to MGMT01 - add File Server Resource Manager.
  • Create a folder under your C:\ directory called Software and place your new Putty installer in there.
  • Now head back into Server Manager and go to File and Storage Services -> Shares -> right click -> New Share. Make it a SMB Quick Share and place it on MGMT01. Select the custom path option and set it to C:\Software.
  • Open up Group Policy Manager and navigate to your Software Deploy folder. Create a new GPO called "Deploy SW" in that OU. Edit it and expand Policies -> Software Settings, right click it and select New Package, and find your installer in the Software folder in your file share.
  • Head over to WKS01 and open Powershell. Run gpupdate /force and let it restart. Log back in as your non-admin domain user and verify that Putty is installed.
  • To verify this worked in another way, open up Event Viewer and expand the Windows Logs. Go to Application, and click Filter Current Log. In the Event Sources dropdown, select Software Installation to filter for application installs.
  • You can also do this via Powershell using:
Get-WinEvent -LogName "Application" -FilterXPath "*[System[Provider[@Name='Software Installation']]]"