Ravis Secret
Essay by 24 • November 4, 2010 • 1,552 Words (7 Pages) • 1,389 Views
No one likes the idea of manually installing new versions of applications onto each individual PC in the office. Fortunately, you don't have to. In this article, I will explain how to use the Active Directory to deploy applications, even if those applications don't come with a Windows installer package.
One of the biggest chores that administrators have to deal with is application lifecycle management. Whether an office has 20 PCs or 20,000, no one likes the idea of going from machine to machine with an installation CD every time a new version of an application is released. There are programs that are designed to help administrators manage applications across a network, but most tend to be overly complicated and expensive. Microsoft's SMS Server for example costs $1,219, not counting the necessary Windows Server license or additional client access licenses beyond the ten that the product comes with.
What you might not realize though is that Windows Server contains tools that you can use to deploy applications throughout your organization without having to buy any third party software. I will tell you up front though that the built in software deployment tools are not as good as what you would get in a third party application. Therefore, if you already have a copy of SMS Server or something similar, you will probably want to keep using it.
Before We Begin
The technique that I'm about to show you will allow you to deploy applications through the Active Directory. One of the major limitations behind this type of application deployment is that you can only use this technique to deploy certain types of applications. Specifically, you can install Windows Installer packages (.MSI files), Transform Files (.MST files), and patch files (.MSP files).
A few years ago, this limitation was a major hurdle because almost no one packaged applications in the three supported file types. You could use the Active Directory to deploy Microsoft Office, but that was about it. Today, it's common for applications to include a Windows installer package (a .MSI file), so it's a lot easier to deploy applications through the Active Directory than it used to be.
Even if the application that you want to deploy doesn't include a Windows Installer package, you aren't completely out of luck. It's possible to make your own MSI file for an existing application.
Creating MSI Files
Windows does not natively contain the necessary tools for you to create your own MSI files. Instead, you will have to rely on a third party MSI creation tool. There are several good tools available for free. Two of the more popular choices are MAKEMSI (http://www.labrinth.net.au/~dbareis/makemsi.htm) and WinInstall LE 2003 (http://www.ondemandsoftware.com/freele.asp).
The reason why .MSI files are the preferred installer package for Windows is because of the file format's capabilities. When you install or uninstall an MSI file on a machine running Windows XP, Windows creates a system restore point. Furthermore, MSI files allow the application to be "self healing". I'll talk more about this later on, but basically this means that if part of the application is damaged or removed, then Windows has enough information to replace the damaged or missing parts. Finally, MSI files allow the system to automatically perform a rollback to its previous state if an installation should fail.
With MSI files having so many capabilities, it should come as no surprise that MSI files tend to be a bit complex. MSI files are actually database files with information pertaining to every file and setting that the application installs or modifies. Because of this complexity, most of the MSI file creation utilities require you to do at least some scripting when you create an MSI file.
Being that I've never been a big fan of script writing, I prefer to use the WinInstall LE tool to create MSI files. It doesn't require any scripting, but it is a little time consuming to use. WinInstall LE requires you to have a machine with a clean Windows installation and network connectivity. The software then takes a snapshot of this machine and saves the configuration image. You would then install the application that you want to create the MSI file for and take another snap shot. WinInstall would then compare the snapshots and use the differences between the two images to create an MSI file and the corresponding installation package.
This method is a little time consuming, but is far less tedious than writing scripts. Another advantage to using this method is that it is possible to install multiple applications on to the clean machine prior to taking the second snap shot. This means that you can create a single MSI file and installation package that deploys multiple applications.
Publishing and Assigning Applications
Now that you know how to create an MSI file, there is one last concept that I need to talk about before I show you how to deploy an application thorough the Active Directory.
As you may already know, in an Active Directory environment, group policies are the main component of network security. Group policy objects can be applied either to users or to computers. Deploying applications through the Active Directory is also done through the use of group policies, and therefore applications are deployed either on a per user basis or on a per computer basis.
There are two different ways that you can deploy an application through the Active Directory. You can either publish the application or you can assign the application. You can only publish applications to users, but you can assign applications to either users or to computers. The application is deployed in a different manner depending on which of these methods
...
...