Wrong with the file permissions for Group Policy software deployment

active-directory deployment group-policy

I'm trying to deploy Google Chrome Enterprise via Group Policy. Following Google's guide I created a GPO, linked it to an OU, imported the ADX file with the policies (which deploy fine by the way). I created a folder on a file server with the msi installer. The permissions are set so that Domain Computers have read & execute permission. The software installation policy is set under Computer Configuration so it will be deployed on specific computers.

From what I understand if you have the software installation policy set under computer configuration you need the Domain Computers account to have read/execute permission because the software will be installed before a domain user account is logged in. I enabled MSI logging and I get this in the log file:

SOURCEMGMT: Media enabled only if package is safe.

SOURCEMGMT: Looking for sourcelist for product {b5fd80c4-8da4-3815-958f-d6e4afb1c5d0}

SOURCEMGMT: Adding {b5fd80c4-8da4-3815-958f-d6e4afb1c5d0}; to potential sourcelist list (pcode;disk;relpath).

SOURCEMGMT: Now checking product {b5fd80c4-8da4-3815-958f-d6e4afb1c5d0}

SOURCEMGMT: Media is enabled for product.

SOURCEMGMT: Attempting to use LastUsedSource from source list.

SOURCEMGMT: Processing net source list.

SOURCEMGMT: Trying source \[server][share]\IT\Software\GroupPolicyDeploy.

Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer 3: 2

Note: 1: 2303 2: 5 3: \[server][share]\

Note: 1: 2303 2: 5 3: \[server][share]\

Note: 1: 2303 2: 5 3: \[server][share]\

Note: 1: 1325 2: GroupPolicyDeploy

ConnectToSource: CreatePath/CreateFilePath failed with: -2147483648 1325 -2147483648

ConnectToSource (con't): CreatePath/CreateFilePath failed with: -2147483648 -2147483648

SOURCEMGMT: net source '\[server][share]\IT\Software\GroupPolicyDeploy\' is invalid.

Note: 1: 1706 2: -2147483647 3: GoogleChromeStandaloneEnterprise64.msi

SOURCEMGMT: Processing media source list.

Note: 1: 2203 2: 3: -2147287037

SOURCEMGMT: Source is invalid due to missing/inaccessible package.

Note: 1: 1706 2: -2147483647 3: GoogleChromeStandaloneEnterprise64.msi

SOURCEMGMT: Processing URL source list.

Note: 1: 1402 2: UNKNOWN\URL 3: 2

Note: 1: 1706 2: -2147483647 3: GoogleChromeStandaloneEnterprise64.msi

Note: 1: 1706 2: 3: GoogleChromeStandaloneEnterprise64.msi

SOURCEMGMT: Failed to resolve source

Best Answer

The way you use GPO for MSI deployment worked really great in the Windows 2000/XP era. But since then the default OS behaviour has changed in such a way that Windows does not wait for the network to be up before allowing a user to log in. So the network is never up when Computer Configuration is processed. This made MSI installation at computer level pretty much useless.

The recommended way is to use GPO to create a task in Task Scheduler and use MSIEXEC.EXE to run MSI installation. You might want to use the following settings:

  • Program: %SystemRoot%\System32\msiexec.exe
  • Parameters: /quiet /qn /norestart /i "<path to msi file>"
  • Trigger: 1-5 minutes after user logon (so enough time has passed for a network to be up)
  • Conditions: Any network connection available (makes sure network is up)
  • Run as NT AUTHORITY\SYSTEM (so it would have local admin rights)

Note that if you instead decide to enable synchronous GPO processing, the computer boot up/restart times will increase dramatically.
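
The task settings listed in the answer, written as a PowerShell script that registers the equivalent task on a single machine (an added example, not part of the original answer; in a domain the same settings would go into the GPO-created task). The task name, the 2-minute delay, the log path and the signature check before scheduling are assumptions added here.

```powershell
# Added example: local equivalent of the scheduled task described in the answer.
# Assumed values (not from the page): task name, 2-minute delay, log path, signature check.
$MsiPath  = '<path to msi file>'                              # placeholder, as in the answer
$TaskName = 'Deploy-ChromeEnterprise'                         # hypothetical task name
$LogPath  = "$env:SystemRoot\Temp\chrome-msi-install.log"     # hypothetical log location

# The task runs the package as SYSTEM, so refuse to schedule an MSI whose
# Authenticode signature is missing or no longer valid.
$sig = Get-AuthenticodeSignature -FilePath $MsiPath
if ($sig.Status -ne 'Valid') {
    throw "MSI signature status is '$($sig.Status)'; not scheduling the install."
}

# Program and parameters from the answer, plus verbose MSI logging (/l*v).
$action = New-ScheduledTaskAction -Execute "$env:SystemRoot\System32\msiexec.exe" -Argument (
    "/quiet /qn /norestart /i `"$MsiPath`" /l*v `"$LogPath`"")

# Trigger: at user logon, delayed so the network has time to come up.
$trigger = New-ScheduledTaskTrigger -AtLogOn
$trigger.Delay = 'PT2M'                                       # ISO 8601 duration, 2 minutes

# Condition: run only when a network connection is available.
$settingsArgs = @{
    RunOnlyIfNetworkAvailable = $true
    StartWhenAvailable        = $true
    MultipleInstances         = 'IgnoreNew'
    ExecutionTimeLimit        = (New-TimeSpan -Hours 1)
}
$settings = New-ScheduledTaskSettingsSet @settingsArgs

# Run as NT AUTHORITY\SYSTEM so the install has local admin rights.
$principal = New-ScheduledTaskPrincipal -UserId 'NT AUTHORITY\SYSTEM' -LogonType ServiceAccount -RunLevel Highest

$taskArgs = @{
    TaskName  = $TaskName
    Action    = $action
    Trigger   = $trigger
    Settings  = $settings
    Principal = $principal
    Force     = $true
}
Register-ScheduledTask @taskArgs | Out-Null

# Confirm what was registered.
Get-ScheduledTask -TaskName $TaskName | Select-Object TaskName, State
```

A task running as SYSTEM reaches the file share as the computer account, so the Domain Computers read & execute permission from the question is still required. Because the package is executed with SYSTEM rights, the share should not be writable by ordinary users.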
