Friday, March 06, 2009

DanceEjay For Schools Network Edition

Ok, Done this before but since the update to server 2008 my old way failed, so i have deleted the blog and started again.

1) Run a wininstall scan on clean workstation.
2) Perform Full install of Dance EJ, and allow it to run.
3) Run after scan from wininstall.

Right got the MSI to install it now, but still fully aware that is i deploy this MSI and get a user to run it without 'Admin rights', they will recieve a Currupt instalation message.

After running the good old classic tool filemon (updated a lot since i last used it), Noticed the only error seemed to be when a program called reg_start tried to created a TMP file in the windows directory.

I have now enabled write access to the top level windows directory, (no sub directorys) and tested the software again, and it worked.

4) Moved built MSI to Applications share on server.
5) Created a New GPO in Active Directory called 'Software-EjayFS-Music'.
6) In the GPO under 'Computer Configuration - Policies - Software Settings - Software installation' selected 'New Package' and selected the MSI using the full unc path (eg \\server-name\application-share\music\ejay\ejay.msi).
7) In the Same GPO under 'Computer Configuration - Policies - Windows Settings - Security Settings - File System' right click and add file. select the 'c:\windows' directory click 'ok'.
8) Give users 'Write' access, (should now have read and execute, list folder contents, read, and write). Click OK
9) Next make sure 'Configure this file or folder then' is selected and 'Propagate inheritable permissions to all subfolders and files' is selected then click 'ok'.
10) Now simply close the gpo and deploy it to your test workstation and hopefully all should work.

A word of causion THIS PROCCESS DOES GIVE STANDARD USERS WRITE ACCESS TO THE ROOT OF C:\WINDOWS, This is not something i want to give users but until a better solution comes about it is all i have got.