EditRequirements
INNOBATE Remote Command Executor Version 1.0.10.0 or higher All remote computers are Windows XP, 2003, Server 2008 or Vista
EditIntroduction
Updating Microsoft Windows Group Policy settings on the local machine is not so hard with a tool such as Gpupdate, but updating these policies on remote domain computers is not possible from within any Microsoft Management Console (MMC) by default or with any Microsoft tool available so far. In this wiki article you will learn how to use INNOBATE Remote Command Executor to make this task possible – and even easy – for the network administrator.
Most administrators know the problem of forcing Group Policy (GP) processing on remote computers. After configuring an important policy of some kind, we would sometimes like GP processing to occur immediately on client computers. The problem is that by default, the so called background processing “only” happens every 1.5 to 2 hours, and any immediate forced group policy updating can only be done from each individual remote computer.
What is basically needed is to make it possible for the Admin, from a central located Admin workstation, to update policies on Computer1, Computer2 and/or Computer3 – and the user policies for User A, B and C - whenever the admin finds it necessary.
EditAssumptions
EditFirewall
The built in Windows firewall must be configured to allow the incoming traffic we want by using a Group Policy Object (GPO), so ironically, such a policy is the only one we definitely cannot force to firewall-enabled remote computers. The policy settings that need to be enabled for all the mentioned methods in this article, is the following:
Computer Settings | Administrative Templates | Network | Network Connections | Windows Firewall | Domain Profile | “Windows Firewall: Allow remote administration exception”.
Other firewall devices between the central computer and the remote computers must be configured to comply with the above setting (see Help text on the mentioned policy in GPEDIT.MSC for port info etc.).
EditAdministrator rights:
The user that initiates the processes on the remote computers must be a local administrator on those machines – or else it’s simply not going to work as expected.
EditInstructions
Select the Domain of the remote computer/s from the domain dropdown list.
Select the remote computer from the computer dropdown list. If you need to execute the command on multiple computers, the click the add button after you have selected a computer from the computer dropdown list, to add it to the remote computers list.
In the Application to run on Remote Computer field enter in Gpupdate.
Make sure the Run Application in the System Account checkbox is checked.
If you are running the Gpupdate command on more than one remote computer, make sure the Do not wait for the process to terminate checkbox is checked.
Select Thread Priority to be Normal, by selecting the Normal radio button from the Thread Priority Group box.
Click the Execute button to run the Gpupdate command on the remote computers you have selected in the Remote Computers List.
Now the Group Policy on each and every remote computer selected by you should be updated and refreshed with any new Group Policy updates made by you.