- Windows 2003 or 2008 domain controller
- DNS server
- Windows workstation (Windows XP was used for this article)
- Target workstation must have the Entrust Root CA (2048) installed or else installation might fail.
- AD and DNS, including the DNS lookup of the AD domain controller, must all be functioning properly.
- Verify the workstation can resolve the name of the AD server that contains the client library.
- NOTE: You cannot add advanced options such as TPE=0 or SUP=password when installing with GPO. If you need to add command line paramters, this installation method will not work for you.)
How to install the Threatpulse client via GPO
- From the domain controller or from a server on the network, access the ThreatPulse portal at https://portal.threatpulse.com.
- Select (Service mode > Network > Mobility and download the Windows client(s).
- If the location of the file is not a Windows share, create a share. Verify that the directory and files have Read and Read and Execute file system rights.
- On the domain controller, go to Start > Control Panel > Administrative Tools > Active Directory Users and Computers.
- Right-click the domain and select Properties.
- On the Group Policy tab click New. Name the policy, such as InstallCloudClientMSI. Highlight the new GPO object and click Edit.
- Go to Computer Configuration > Software Settings > Software installation. Right-click Software Installation and select New > Package. (Note: Verify that you have a valid UNC path. Click My Network Places > Entire Network > Microsoft Windows Network > The domain the server is located > Server name > Share name that has the client binary > Select the binary.) For Deployment method, select Assigned and click OK. If your new policy is not visible, right-click Software installation and select Refresh.
- If the workstation properly joins the domain, the client installs on the second reboot (it reads policy on the first bootup) and executes policy. The workstation installs the client and reboots once more.
Removing the client via GPO
To remove the client, go to the location in policy where the client is pushed and remove the installer. There are settings that ask if you want to leave the application installed or to remove it. To remove, select the remove option.
Additional resources and information
The information contained in this document came from http://support.microsoft.com/kb/816102 and is provided "as is" and is subject to change.