We have a number of laptop users for which deploying software updates reliably and promptly is an issue.
The circumstances are:
- The users rarely come into the office. As a result, their computers are rarely connected to the domain/corporate LAN during boot
- Users do not have local admin privileges
- Pre-logon VPN connection is available
- Updates are the typical core apps (Java, Adobe Reader, etc), plus some line of business apps. Mixture of everything from MSIs to self-extracting zips
- Currently use no third party deployment tools
- Fairly small deployment (less than fifty users currently) so don't have the budget or resources for very heavy-weight solutions
- Users regularly connect to the network post-boot (and usually post-logon) via a typical client VPN (happens to be RRAS/SSTP in this case, but probably not relevant)
- Computers in questions are domain-joined Windows 8.1 Pro machines. Servers are all Windows Server 2012 R2
Because of the lack of connectivity to the corporate network during boot, Group Policy software installation doesn't seem to be a viable option for deploying application updates (or new applications for that matter), but I'd be happy to receive advice that says otherwise.
DirectAccess would probably open up more options, but isn't an option for the foreseeable future.
So, my question is this: what solutions would people recommend for reliable and timely deployment of applications/application updates to mobile users who are only rarely connected to the corporate LAN during boot? I'm open to third party tools if they're within the reach of small business.
I have noticed this answer which suggests Intune might be worth investigation (SCCM would likely be too much). Any other suggestions greatly appreciated.
Best Answer
I think Microsoft Intune would offer the services you are looking for. you can sign up for a 30 day free trial and try it out. https://www.microsoft.com/en-gb/server-cloud/products/microsoft-intune/default.aspx?
No need for GPOs or SCCM