This article applies to:
- Mobile Client (legacy version)
Question:
- Can I install mobile client using Group Policy?
- How can I install mobile client using Group Policy?
Information:
The Windows Mobile Client can be installed directly, by launching it from the client workstation or by assigning it to the client with Windows Group Policy. This is the "normal" installer for Windows. For Max OS X use Apple Remote Desktop to distribute in bulk.
The modified 8e6client.msi file is distributed to multiple Windows workstations by creating a Group Policy Object (GPO) which assigns this software to the required computers on the network.
NOTE: The procedure suggested below presumes that you are using the free add-on Group Policy Management Console (GPMC) provided by Microsoft.
1. Make the distribution .msi file available to the target workstations on a network share (e.g. \\{servername}\8e6MobileClient\8e6client.msi) .
2. Create a new Group Policy Object (GPO):
a. in the GPMC, select Group Policy Management > Forest > Domains > {domain name} > Group Policy Objects.
b. Right-click and choose "New", then create a name for the policy (suggested name: "Mobile Client Deployment"). Click OK.
c. In the Group Policy Object Editor, open the {policy name} > Computer Configuration > Software Settings > Software installation node.
d. Click the right panel and choose New > Package. Navigate to the distribution .msi file you shared in step
1, and then click “Open”. When prompted, select "Assigned" for the deployment method. Click OK.
e. Right-click the new package and choose Properties > Deployment, and then check the "Uninstall this application when it falls out of the scope of management" box. Click OK.
f. Close the Group Policy Object Editor.
3. Link the new policy:
a. In the GPMC, select the domain or organizational unit for which the policy should be applied.
b. Right-click, choose "Link an existing GPO", and then select the new policy you created in step 2. Click OK.
c. Right-click the new policy in the tree, and then deselect the "Link Enabled" menu checkmark. (The link will be re-enabled later in this procedure.)
4. Create a filter for the policy:
A GPO filter limits the scope of the policy so that the Mobile Client is only installed on the appropriate computers. For example, you may want to install it on all workstations but not servers. There are two types of filters: Security filters and WMI filters.
To create a Security filter:
a. Select the new policy link. Note the "Security Filtering" section in the Scope panel to the right.
b. Click "Authenticated Users" and then "Remove".
c. Click "Add...", and then click "Object Types". Check the "Computers" type and uncheck the "Users" type. Click OK.
d. Enter the names of all the computers to receive the Mobile Client installation, separated by semicolons.
(Alternatively, you can select a User or Computer group created previously—details of group creation are beyond the scope of this procedure. Click OK.
To create a WMI filter:
WMI filters are capable of applying very sophisticated selection criteria to set the scope of a policy. See Microsoft Knowledgebase article #555253 for details on creating WMI filters: http://support.microsoft.com/kb/555253
5. Enable the policy link: Return to the new policy link in the GPMC for the target domain or Organizational Unit, right-click, and then choose "Link Enabled".
6. Test the deployment:
a. Select one of the workstations within the scope of the policy and refresh its policies by running gpupdate. exe.
NOTE: By default, Windows periodically refreshes the group policy automatically. Using gpupdate allows you to force an immediate refresh for test purposes—this is not something all users on the network should be required to do.
b. Reboot the workstation and log in.
NOTE: In some cases involving Windows XP workstations, it may be necessary to reboot twice for Group Policy processing to occur.
c. Verify the Mobile Client is blocking access to unauthorized sites.
