Deploy package for GPO install without NTP
I am having a horrible time trying to deploy a package for deployment to clients through GPO without installing Network Threat Protection. I have exported the package from SEPM multiple times using all options I can. What am I missing?
On my most recent attempt, I created a custom client install setting (removed all previous logs and policies, and reset the client-server communication settings), created a custom client install feature set (Antivirus and Antispyware Protection with POP3/SMTP Scanner and nothing else), and exported the package using as a managed client in the default group.
The software installs on the clients via GPO without any problem. It sets up communication with SEPM and everything works properly. The only issue is, it installs Network Threat Protection. We do NOT want NTP installed on any of our clients. What am I missing to make this not install with the GPO install?
Re
Did you try to remove the software from the clients before deploying again or your just doing an overwrite install?
Fresh image
The machines I've been testing with have been freshly reimaged. They have never had a trace of Endpoint or any other software on them other than Windows XP.
it is normal
Hi,
when you use the MSI unfortunately the settings regarding the selected features are lost.
See these discussions:
https://www-secure.symantec.com/connect/forums/dep...
https://www-secure.symantec.com/connect/forums/dep...
and similar.
Giuseppe
Why GPO?
If I may ask, why would you want to deploy via GPO?
The SEPM can install to all clients or the clients you choose...
That being said, when you create your Package, the one with a single Executable, with out NTP; you can use an MSI repackaging software and than deploy via GPO; since as pointed out in the threads above, the MSI created by the SEPM cannot do it.
I was trying to avoid doing
I was trying to avoid doing an .mst file, as I am horrible with using Orca. I will try this, though, and see if I can make it do what I want. Thanks for the links to the other threads.
7,000+ clients across 25
7,000+ clients across 25 buildings with technicians that do whatever they want in some of those buildings? If we did not use GPO to deploy along with other policies in OUs required for the pcs to work properly, we would NEVER have any AV software on half our machines. Perhaps once we get NAC up and running properly, we can eliminate the GPO and be able to manage with SEPM alone. That, too, is highly unlikely due to the small staff we have to support the large volume of clients and end users. There are not enough of us to take care of all of them. GPOs are most likely going to remain forever. Six people at the district level to support almost 8,000 clients and in the neighborhood of 20,000 users? GPOs just make life much easier for all of us.
Orca...
I hate Orca. I tried adding a row to the property table. I named it ADDLOCAL with the values Core,SAVMain,OutlookSnapin,PTPMain,COHMain. I removed POP3 and SMTP because we do not use them. It still installed NTP. I did look at my .mst file again, and the ADDLOCAL row I created changed the name to ADD LOCAL (with a space in between) when I saved it. Could that be the issue? If so, what do I need to do to prevent it from renaming itself. I originally put the entry in as ADDLOCAL (without a space.)
Re
Hi jeremy, how about deploying it as an exe. You could also use a batch file to copy the package first then run it.
Would you like to reply?
Login or Register to post your comment.