Guardz

Follow the steps below to create a GPO that instead of software deployment, runs as a scheduled task. The main benefit is you don’t need a reboot for the machines and it often works after a few minutes)

When you run that scheduled task as a system, it can start any process. Make sure that <b>Domain Computers</b> have access (NTFS and Share) to the share you are using to run the MSI remotely.

The Task needs to start msiexec and use these arguments:

/i "\\&lt;yourpath&gt;\Guardz Agent.msi" GUARDZ_ORGANIZATION_KEY=&lt;yourorgkey&gt; /qn

Make sure you change the MSI path and the ORG key.

Then assign the GPO to domain computers and do a GPO update /force you can check the eventlog (eventid 1022/11707)  application to see the agent installation.

<b>Creating an Immediate Scheduled Task via GPO</b>

Open Group Policy Management Console (GPMC): Navigate to the Organizational Unit (OU) where you want to apply the GPO.

Create or Edit a GPO: Right-click the OU and select "Create a GPO in this domain, and Link it here" or choose an existing GPO to edit.

- Go to Computer Configuration -&gt; Preferences -&gt; Control Panel Settings -&gt; Scheduled Tasks.
- Right-click on Scheduled Tasks, then select New -&gt; Immediate Task (At least Windows 7).

- General Tab:
  - Name the task.
  - Set it to run whether the user is logged on or not.
  - Use the SYSTEM account to ensure it has sufficient privileges.
- Triggers Tab:
  - Add a New Trigger and configure for "At task creation/modification" to run the task immediately upon policy application.
- Actions Tab:
  - Click New.
  - Action: Start a program.
  - Program/script: msiexec.exe
  - Add arguments:
    /i "\\&lt;yourpath&gt;\Guardz Agent.msi" GUARDZ_ORGANIZATION_KEY=&lt;yourorgkey&gt; /qn
- Conditions Tab: Adjust as necessary, typically no changes needed.
- Settings Tab: Ensure "Allow task to be run on demand" is checked, and adjust other settings as needed.

- After setting up the GPO, link it to an appropriate OU, site, or domain.
- Use gpupdate /force on a test computer to apply the new policy quickly and check if the task executes as expected.

1. Open Group Policy Management Console (GPMC): Navigate to the Organizational Unit (OU) where you want to apply the GPO.
2. Create or Edit a GPO: Right-click the OU and select "Create a GPO in this domain, and Link it here" or choose an existing GPO to edit.
3. Navigate to Scheduled Tasks:
   - Go to Computer Configuration -&gt; Preferences -&gt; Control Panel Settings -&gt; Scheduled Tasks.
   - Right-click on Scheduled Tasks, then select New -&gt; Immediate Task (At least Windows 7).
4. Configure the Task:
   - General Tab:
     - Name the task.
     - Set it to run whether the user is logged on or not.
     - Use the SYSTEM account to ensure it has sufficient privileges.
   - Triggers Tab:
     - Add a New Trigger and configure for "At task creation/modification" to run the task immediately upon policy application.
   - Actions Tab:
     - Click New.
     - Action: Start a program.
     - Program/script: msiexec.exe
     - Add arguments:
       /i "\\&lt;yourpath&gt;\Guardz Agent.msi" GUARDZ_ORGANIZATION_KEY=&lt;yourorgkey&gt; /qn
   - Conditions Tab: Adjust as necessary, typically no changes needed.
   - Settings Tab: Ensure "Allow task to be run on demand" is checked, and adjust other settings as needed.
5. Apply and Test the GPO:
   - After setting up the GPO, link it to an appropriate OU, site, or domain.
   - Use gpupdate /force on a test computer to apply the new policy quickly and check if the task executes as expected.