Massive installation of Windows Logon through GPOs.

With the tool called Orca, we have to generate a .mst file from the .msi installer.

Download the tool for editing .MSI files (Orca).

Download Windows components

Download the installer or file with an .MSI extension that you want to transform.

Open the downloaded file by right-clicking and choosing the option Edit with Orca.

Plugin

Once inside the tool, from the Transform tab, choose New transformation.

Plugin

Once inside, navigate to the Properties option.

Plugin

There we can edit all the options we consider necessary: for example, if we are working in a different environment than the production environment, we modify the IRONCHIP_HOST section and set the correct environment.

Plugin

It will also be necessary to add a new row where we will place the corresponding API KEY. For this, we double-click on one of the blank zones, first we place the Property: IRONCHIP_APIKEY, and click OK.

Plugin

A message will appear indicating that the column has been modified successfully, click OK to continue.

Plugin

Then we will place the value for this property, there in Value, and we place the API KEY generated in our application in the Ironchip management panel.

Click on OK.

Plugin

Once you have done the above steps, you will have the new property value you have created on the screen.

Plugin

To continue we must go again to the Transform tab and choose the option Generate Transformation.

Plugin

We must name the file and Save the changes.

Plugin

We can then verify that the file with the .mst extension has been created in the chosen location.

Plugin

Generate Group Policy (GPO).

Note: It is necessary to create a shared folder with the users/computers that are going to be involved in the group policy, inside it we must put the .msi installer as well as the .mst file that we just generated in the previous steps with orca.

On our server, in the tools tab select Group Policy Management.

Plugin

In the screen that opens we must expand our domain node and in the Domains folder choose the option to Create a GPO on this domain and anchor it here.

Plugin

In the next window we will give a name to the group policy that is being created, it is advisable to give a name to the group policy according to the action to be performed.

Then click OK to continue.

Plugin

Once the policy has been generated, click on the name of the policy and right-click on it to display a list of actions where you can choose Edit.

Plugin

Within the Policy Editor go to Computer Configuration > Policies > Software Setting > Software installation. Right-click on Software installation, and select New > Package.

Plugin

In the next window it is important that we select the .msi file from the shared folder we generated at the beginning of the configuration.

Then click Open.

Plugin

In the next window, select the Advanced option and click OK.

Plugin

A new window of the policy properties will open where we select the option Assigned (we must select it even if it is already checked), this will enable the option Install this application at login which we must also check.

Plugin

We go to the Modifications tab, where we click on the Add button.

Plugin

In this screen we must choose the .mst file generated before, remember to choose it from the shared folder, the same one used when choosing the .msi file before.

Then click Open.

Plugin

Now we will see the path from where the file has been selected, the next thing to do is to press OK.

Plugin

Close the Group Policy Management window and open a Windows command console.

In the console we must enter the command gpupdate /force. The server will inform that it will not be able to apply the installation policy without rebooting and will offer to reboot. Type in the command line Y, and press the Enter key. The system will reboot 1 minute after entering the command. Or simply reboot the server via the Start menu.

After this, we will see the application installed on all the machines that were included in the GPO.

Note: This step must be done on all devices participating in the policy, clients, and server.