So I have been reading the document "Group Policy processing and precedence". I get that policies are applied in the order of local, site, domain, organizational unit, child organizational unit. The article isn't clear about the order that things are applied to the computer like software installation, script and the new group policy preferences.
I am trying to write a script to adjust some things on the computer that doesn't seem possible with preferences, but I need to be certain that a software install has completed, and some preferences have been applied first.
Update:
Here is some background information. I have a group policy that has a software installation for Widget A (Computer Configuration\Policies\Software Settings\Assigned Applications). Widget A places shortcuts all over the place that are annoying so I am trying to use the preferences feature (Computer Configuration\Preferences\Windows Settings\Shortcuts) to delete the unneeded shortcuts. The program has a slight bug in it and I have to fix it, but the publisher hasn't provided an updated msi, just an exe that will apply an update. So I have to a startup script to run the EXE that is supposed to patch the program.
It appears the 'Computer Configuration\Preferences' are applied before software installation happens, because my file deletes don't seem to take effect until after a couple reboots. It appears something about this software package needs a reboot because the startup script that is supposed to patch it errors out until I reboot.
In my searching of Google I haven't been able to find a document that specifically states what the order is. I am also curious what the ordering is between the various preferences available. For example, I can set environment variables via preferences. Will I be able to use those variables in a Files, Folders, or Shortcuts preferences?
I am hoping there is a document somewhere that described the process in detail.
Best Answer
Software installation policy is processed before Startup Scripts are executed. Sometimes that's exactly what you want, and other times it's not. You can't change it.
When I want a startup script to run before software installation I end up using group membership to control the execution of the startup script and I end the startup script with a command to add the computer to a second group that controls software installation. The only problem with this is that, to date, I have yet to find any reliable way to restart a Windows XP or newer OS from a startup script. (Yes, yes-- I've tried a variety of methods, too. I can discuss them in detail if you'd like.) As such, this always makes this strategy require two boots to "take effect".
You mention "preferences", so I think you're looking at doing things to the user's environment via a logon script. Logon scripts are executed, obviously, after logon. If you're looking to check to see if a piece of software has been installed during the logon script query the Windows Installer "database" in the registry to see if the program is there and "bail out". You'll find the installed products in the "HKEY_CLASSES_ROOT\Installer\Products" key. Obviously, you'll have to figure out the GUID for the package you're dealing with.
Edit: Group Policy client-side extension (CSE) processing order is performed based on the value of the GUID for the client-side extension, from what I've been able to glean from documentation. It looks like the CSE's with numerically higher GUIDs execute later. I don't have the GUID for the "Preferences" CSE handy so I can't tell you how it should act re: running before / after other CSE's.
On Windows XP, at least, dig into HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon\GPExtensions and look for the CSE for "Prefernces". REGEDIT will sort those GUIDs numerically, too, so you could be able to tell, visually, if that "Preferences" CSE is going to execute before/after other CSE's.