In order to deploy the Heimdal Agent through GPO, you need the MSI Installer file with the Heimdal license key included (you can use the Orca software to embed the Heimdal license key in the MSI Installer. For more information on how to use Orca to add a license key in the MSI Installer click here).
1. Create a Shared folder where the Heimdal MSI Installer will be placed.
2. Choose the people in your network you want to share this folder with and establish their permission level.
3. On the Domain Controller, open Server Manager, click on Administrative Tools, and then on Group Policy Management.
Under the domain for which you want to create a GPO:
- Select Group Policy Objects
- Right click
- Choose NEW GPO
- Select the name of GPO
4. Open the Group Policy Management Editor and select the following: User Configuration -> Policies -> Software Settings ->Software installation (right click)/New Package)/Open and select the MSI Installer.
5. In the“Deploy Software” window, chose the “Assigned” option (this way, the installation will run without user interaction).
6. Select the “Heimdal” package, right-click on it, select Properties, and then the Deployment tab. Select the “Assigned” type for the Deployment type and choose “Install this application at logon”. This way the users will have the Heimdal Agent installed at the next logon.
If you want to install the Heimdal Agent by forcing the appliance of the policy from the user, run the following line from Command Prompt:
gpupdate /force /boot /logoff
This should silently install the Heimdal Agent and you will be able to check it in your Control Panel -> Programs and Features list when it gets installed.
If the GPO with User Configuration does not work properly for you, you can configure the GPO with Computer Configuration in the same way. If you choose to deploy the Heimdal Agent through a GPO that uses Computer Configuration, make sure you also enable the following option in the GPO:
Computer Configuration -> Policies -> Administrative Templates -> System -> Group Policy -> Specify startup policy processing wait time
Here you can specify between 30 seconds and 60 seconds, depending on how you see if it fits.
Computer Settings -> Policies -> Administrative Templates -> System -> Logon -> Always wait for the network at computer startup and logon -> Enabled