PDQ Inventory 10 Beta

Posted on Leave a commentPosted in PDQ Inventory, PowerShell

New Features

The latest PDQ Inventory 10 Beta is now available and it includes some highly requested features! To try out the new beta, click the update link in the status bar of the main console. If the update link is not visible, go to File > Preferences > Auto Update Alerts and check Include Beta Versions, this will now alert you when new beta versions are available. You can also download the Beta release here; PDQ Inventory 10 Beta. Read on to discover all the new possibilities.

Hide Collections in the Collection Library

Do you love using the Collection Library, but would like to only see the collections that pertain to you and remove a lot of the clutter? Well, you are in luck, as this can now be accomplished in PDQ Inventory 10 Beta. Simply hide any collection within the collection library to customize your view. (Enterprise mode required). To hide collections, select the collection(s) in the console, right-click and check View > Hide Library Collection. Hiding a parent collection will always hide the child collections by default.

Context menu

 

The Collection Library page itself will always display all hidden collections and the ability to display in the tree can be easily toggled on and off using View > Display Hidden Library Collections (or Preferences > Interface). Hidden collections are identifiable by their opaque icon and opaque text. For ease of identification, parent collections of hidden collection(s) are also displayed with an opaque icon, however, the text is not opaque.

Display Hidden Collections

 

Because of this powerful new feature, we will be able to bring even more library collections your way. Keep your eyes peeled!

Wake-on-LAN and PowerShell added to Remote Command

Didn’t think Remote Command could get any more powerful than it already is? Well, think again. In PDQ Inventory 10 Beta, we’ve now added the ability to initiate a distributed Wake-on-LAN and run PowerShell cmdlets directly from this tool (Pro or Enterprise mode required). To access Remote Command, select the computer(s) to which you wish to execute a remote command and select Tools > Remote Desktop (or Ctrl+Alt+R).

Remote Command

Other features and fixes

Included in this release are many other smaller, but just as tasty morsels:

-The Program, Publisher, and Version of the Hot Fix table can now be used in Collections and Reports.

-Firmware Revision column has been added to the Disk Drives page.

-Other minor bugs and enhancements.

We hope you enjoy this beta as much as we enjoyed bringing it to you. As always, we welcome your feedback and look forward to bringing you the final release.

Click to get the latest PDQ Inventory 10 release.

 




Set User-Side Group Policy With PolicyPak Admin Templates Manager

Posted on Leave a commentPosted in PDQ Deploy

So let’s say you’ve got some specialty computers such as lab computers, sales computers or conference room computers. These computers have different users logging on at different times throughout the day. You’d like these specialty computers to eat just “some” user side policy settings enabling them to maintain the same user settings regardless of who logs on. Normally you’d have to use very complicated Group Policy loopback mode to force your computers to eat user side policy. The downside is that you’ll end up with way more settings than you need making it impossible to manage the experience. The answer? PolicyPak Admin Templates Manager. With PolicyPak Admin Templates Manager you’ll be able to gently force your computers to eat user side functions.

Force Computers To Eat User-Side Functions

From the PolicyPak console, go to “Standard Computers” and create a new GPO. Then simply create a name for your new GPO.

Name GPO 1

Now go to the Computer Configuration side to the PolicyPak node and click on Administrative Templates Manager. Click “Add New Policy”.

GP Management editor

In the upper left of the New Admin Template Entry window, you’ll want to check the “User Policy” button. Now, under the Administrative Templates window, you’ll see several options that you can access. Let’s go to “Start Menu and Taskbar”.  Once clicked, you’ll be presented with a list of available options. Let’s select “Remove Help menu from Start Menu”.

User policy list

In the new window, click “enable” and you’re set. 

Enable

Now, in this example, all users who logon to this machine will have the “Help Menu” removed from the Start Menu. You’ve successfully taken a user side function and delivered it to your specialty computers for all users using the PolicyPak Admin Templates Manager. To see each step in action, check out the video below.




How to Enforce Firefox Settings

Posted on 1 CommentPosted in Deployment Examples, PDQ Deploy

It’s simple enough to get Mozilla Firefox remotely installed on your computers, but how do you keep users from changing settings and potentially leaving your network vulnerable? In this post we’ll first silently install Firefox on machines, and then enforce Firefox settings using group policy.

Silently Installing Firefox

Mozilla Firefox is one of the many deployment packages available in the Package Library. With a PDQ Deploy Enterprise licence you can import this ready-to-deploy package (which we recommend as the package has additional steps to uninstall past versions of Firefox and other steps that also help avoid installation errors). With the free version you can also create this package to quickly install Firefox.

  1. Add the Firefox Setup exe in the Install File field in your install step
  2. Add silent parameter -ms to the Parameters field.
  3. Save and close, you’re ready to deploy. Simply highlight your newly created package in the left tree and click the Deploy button in the right corner. From there you’ll be able to deploy right away or schedule (Pro or higher) and select deployment targets. silently install firefox enforce settings


Enforce Firefox Settings

Watch this video to learn how to set up PolicyPak, the video will also show you where to find and how to add  “Paks” which you’ll need to help quickly manage hundreds of applications.

  1. First things first…in your Group Policy editor, add a new GPO. Right click and select edit.
  2. Now you’re ready to hit up the PolicyPak module. Click Application Settings Manager, right click and select the Mozilla Firefox pak. (The video link above will show you how to set up these paks.)
  3. Double-click on the Firefox application now listed to start editing you settings. As you make changes right click and select the lock down option you desire to enforce settings in Firefox. enforce firefox settings


How To Silently Deploy AutoCAD with PDQ Deploy

Posted on Leave a commentPosted in PDQ Deploy

Deploying AutoCAD may seem like a daunting task, however PDQ Deploy makes it’s easy to silently deploy AutoCAD.  We’ve also included a step-by-step instruction video at the bottom of this page. Let’s dive in.

How to Silently Deploy AutoCAD

The first step is to grab your installation files. We recommend placing the installation files on an accessible file share location. Now navigate to the installation files on your file share location, and run “setup.exe”. 


setup screen shot

By running the setup.exe file, you will be given the option to install or create a deployment. We will choose to create a deployment using the AutoCAD deployment tool.


Create Deployment

Now let’s configure our deployment. Give your deployment a name in the “Deployment configuration name” field. The “Administrative image path”  field is where you will designate a location on a file share where you want the AutoCAD deployment files to be copied. The other fields on this screen provide additional options. Remember to check “Run installation in silent mode” under the “Installation Settings” section in order to silently deploy AutoCAD.


Deployment config field

Next, you’ll need to accept the EULA and input your serial number or whatever method you use to license your AutoDesk products. 


ULA

The next window will allow you to further customize the AutoCAD deployment. Once you’ve determined your deployment settings, click “Create”. Now AutoCAD will compile the prerequisites for installation and prepare everything that you selected for this deployment. This process may take several minutes, so be patient.


AutoCAD config screen

Once AutoCAD has finished creating the deployment, you may want to click “Add Updates” to check for any product updates that may be available. If there are updates available, the auto deployment tool will append them to the installation.


Updates to AutoCAD

Navigate to the designated location on your file share where you copied your deployment files. You’ll notice there is a shortcut file with the name you created for your deployment. Right click and go to the properties of that shortcut file and copy the information in the target field. 

File Location

Properties

Sending Out Your AutoCAD Deployment

It’s time to open up PDQ Deploy. Go to “New Package” and create a deployment name.

Next, click “New Step” and create a “Command” step. In the package properties window delete the default install step.  Now paste the information that you previously copied from the shortcut properties into the command step field. If you see a “/Trial” within the string you can remove it.

Command step trial

This next step is very important. Right after “\Setup.exe \” you will insert a “/W /” (with a space after the W).  It should look like this; “\Setup.exe  /W /qb”. The “W” tells the deployment to run the command and then wait for the other sub-processes to finish before it returns. Without, you will likely get a 259 error code.

Command Step

A couple of other items to take note of:

  • If you have spaces in your path you will need to put them in double quotes up to the “/I” Anything after that you do not need to use double quotes.  
  • Notice the “/qb” . This means “Quiet Basic”. Under this setting if a user is logged on they may see status updates appearing on their screen. To enable a totally silent deployment, you may use a “/q”. DO NOT use a “/qn” as this will cause your deployment to hang. We recommend using “/qb” for a higher success rate.

Command Step 2

Now go to the Conditions tab and change your OS to Windows 10, 8.1, and 7. You’ll also want to change the Architecture to 64-bit.

OS Version

Under the “Options” tab,  if you are deploying with the “/qb” previously mentioned, you’ll want to change the “Run As” field to “Deploy User (Interactive)”.

Deploy user interactive

Next, since we are doing a command step, we need to enter success codes. For this deployment enter the codes; 0,1641,3010

Success codes

That’s all you need to do to build the deployment. Now let’s choose our targets and silently deploy AutoCAD. You can choose your targets several ways, but for our example we’ve chosen two targets using PDQ Inventory. Once your targets have been selected, click “Deploy Now”.  

Deploy Now

Remember, this deployment could take anywhere from 5  to 30 minutes depending on the speed of your network, so be patient. Once the deployment has finished, you’ll see the AutoCAD desktop icon on your target computers. You could also verify a successful installation by using PDQ Inventory. Congratulations! You’ve silently deployed and installed AutoCAD. To view a step by step tutorial, click the video below. 




Adding Console Users to PDQ Deploy

Posted on Leave a commentPosted in PDQ Deploy

We made some pretty big changes in PDQ Deploy 10. One change that may have caught a few PDQ Deploy users off guard is the need to add console users for access to the PDQ console instead of simply having local admin privileges. Adding console users is especially important for those using the command line interface to use PDQ Deploy.

Adding Console Users to PDQ Deploy

If you go to File > Preferences > Background Service, you will see which user processes all background tasks for PDQ Deploy. It is also in this window that you can add console users. Console users are Windows users that have access to the PDQ Deploy console.

adding console users

After adding the computer name you’ll need to type the password for the background service user (not the user you are adding)

Alternatively, admins are added by logging in after starting PDQ Deploy. If the user opening PDQ Deploy is not a registered console user then they’ll see this message:

logging in as console user

At this point, you have two options:

  1. You need to add this user to the list of console users (using the method shown above).
  2.  In this window you (or the user) may enter the password for the Background Service (Quintana in our example). Once they’ve logged in at this screen, their machine is added to the list of console users.



 


How to Manage Java Settings

Posted on Leave a commentPosted in Deployment Examples, PDQ Deploy

Java’s quarterly release for July 19, 2016 (Java 8 update 101) contains fixes for security vulnerabilities. Admins are advised to apply this critical patch to systems as soon as possible to protect against potential attacks. Here’s a quick guide to silently install Java 8 and then manage Java settings for added security and control. Below is a video tutorial on these steps.

Silently Install Java 8

In PDQ Deploy you have a couple options to silently install Java 8. You can use the Package Library which has a Java 8 deployment package that is ready to import and silently install across your network. (PDQ Deploy trial users have access to up to three free package imports from the Package Library during their trial.) Alternatively, you can build your own package using the free version of PDQ Deploy.

PDQ Deploy Package LibraryUsing the Package Library

We’re a little lot biased and do recommend using the Java 8 package available in the Package Library. This deployment package contains additional steps that ensure your deployment will be successful such as uninstalling past versions of Java and exiting programs that can cause deployments to fail.

Bonus, the work building the package is already done…so why not use what’s already there?

  1. Import your package Navigate to the Package Library and select Java 8 Update 101 64 or 32-bit (depending on what machines you are deploying to). Click “Import” to begin downloading your package.
  2. Send your deployment to target computers Your import can be found (by default) in the left tree under the Packages folder. Highlight the Java Package and click “Deploy”. From there you’ll be able to select target computers from AD, Spiceworks, or PDQ Inventory. Click deploy and you’re done!


Building Your Own Deployment Package

    1. Download the offline version of Java. Online versions are smaller in size and will not silently install successfully.
    2. Extract the Java MSI. You will want the Java MSI over the EXE because MSIs have already defined silent parameters, which you must have for a successful deployment. If you don’t have silent parameters you could see error messages, have failed deployments or worse.
    3. Now you’re ready to build your deployment package. Add the Java MSI to the Install File line, and be sure to select Include Entire Directory. Then you’ll want to add the following parameters on the parameters line to disable auto updates and machine reboots:
     JU=0 JAVAUPDATE=0 AUTOUPDATECHECK=0 RebootYesNo=No

Manage Java Settings

Now that you have that deployed…it’s time to manage Java settings.

  1. Create a new GPO for managing Java settings in your Group Policy editor.
  2. In your Group Policy Management Editor, right click and select the Oracle Java pak. (Refer to this video to learn how to set up PolicyPak and add your Java “pak”.
  3. Double-click on your newly added Java pak to start managing.Manage Java Settings You’ll see several tabs of options for settings in Java. Here are a few suggested settings to look at:
  • Update Uncheck “Check for Updates Automatically”. Having this checked means you can decide when Java gets updated and can deploy patches on your terms and not leave it to Oracle (or your user) to decide.
  • Security Select “Very High” from the Security Level dropdown.
  • Exception Site List You can set MODE=REPLACE to override any site list settings or you can set MODE=MERGE to add site to possibly existing site lists.

 

With your settings you can (and probably should for utmost protection against users tampering with your settings) right click and select “Perform ACL Lockdown”.


What’s New in PDQ Deploy 10

Posted on 3 CommentsPosted in PDQ Deploy

logo-deployThe PDQ Deploy release has new features that make it even easier to get deployments out to the correct computers and with more precision. Depending on your environment, some users may find this means faster deployments.

Additionally, there are improvements to repository clean up and added integration with PDQ Inventory. PDQ Deploy can be upgraded to version 10 by clicking the “A new version is available” notice in the right corner of your console.

New Features in PDQ Deploy 10

Additional Deployment Conditions

PDQ Deploy 10 boasts new conditions in deployment steps to allow you to run (or not run) steps on certain deployment targets. Deployment step conditions are a Pro and Enterprise level feature.

Deployment conditions

File and Registry Conditions

Set steps within your deployments to only go to target computers with particular registry keys or values. With file conditions you also have some wildcards you can use as you which you can add by clicking the green plus symbol.

PowerShell Condition

This allows you to limit steps in deployments to computers with particular versions of PowerShell. Use the drop down to check versions of PowerShell you want target computers to have for a particular environment. If a computer does not have a PowerShell version you have selected, then the package will not deploy.

Repository Exclusions

In PDQ Deploy 9, repository clean up was introduced (see File > Preferences > Repository). Now you have the option to chose which individual files or directories to exclude from clean up. Check multiple files to exclude or select one and click Exclude Directory to add items to your exclusion list.

repository clean up pdq deploy 10

Open in PDQ Inventory Option

Need to see more information on a computer you see in PDQ Deploy? Easy. Right click on any computer name and select Open in PDQ Inventory. This will open the computer window in PDQ Inventory. You can also select multiple computers before right-clicking to see information for those computers.

open in pdq inventory pdq deploy 10

Delete Deployment History

Clear the deployment history in your scheduled deployments for any computer. This feature is handy if you have imaged a new computer using the same name as a previous computer. Clearing the history will allow PDQ Deploy to send deployments to the new computer that otherwise might have been marked as already successfully deployed to.

In your schedule under the Computer History tab, when a computer is highlighted you have the option to delete the history for that computer. Next time a schedule is run, the deployment will be sent to the computer as no record of that deployment being run exists. You can also click Delete from All Schedules to remove all history of that computer from any and all schedules it may have been a part of.

Clear history window





How to Silently Install WinZip (and then Globally Manage it)

Posted on Leave a commentPosted in Deployment Examples

Let’s get WinZip deployed to your computers. After you silently install WinZip, you’ll then define the settings you want on all devices in your network. Below is a video that will walk you through all the steps.

Silently Install WinZip

Because WinZip is a paid product (you’ll need your own license handy), it’s not available in the Package Library. However, it is a very simple application to create a deployment package for (and the free download of PDQ Deploy is all you’ll need to get the job done).

In PDQ Deploy, create a new package and for the install field add your extracted MSI file for WinZip. You’ll need the following parameters to silently install WinZip. Without parameters your deployment could time out and fail.

INSTALLCD="/noqp /noc4u /noip /nopredefinedjobs /autoinstall"

Before you exit out, make sure you have “Include Entire Directory” checked so that you have all the needed files for installation. You’re ready to deploy.

silently install Winzip package



Managing WinZip

Watch this video to learn how to set up PolicyPak, the video will also show you where to find and how to add these “Paks” you’ll need to help quickly manage hundreds of applications.

  1. First things first…in your Group Policy editor, add a new GPO. Right click and select edit.
  2. In the GroupPolicy Management Editor, right click and select WinZip. (Refer to the video on setting up PolicyPak to see how to set up these paks.)GP Management editor
  3. Double-click on the WinZip application listed to open the panel you’ll use to adjust settings for WinZip in Group Policy. Make your changes and adjustments, right click within the panel to Disable corresponding control in target application” or if you have particularly clever end users, you may also want to select “Perform ACL Lockdown” to make sure your settings are not tampered with. You can also make certain none of your users adjust the settings you select in any tab, by right clicking on the tab you want to lock and select “Disable whole tab in target application”. ACL lockdown

After applying GPUpdate your settings will take effect. It’s that easy!


Remotely Install Printer Drivers

Posted on 3 CommentsPosted in Deployment Examples, PDQ Deploy

There are a few ways to remotely install printer drivers. This post will cover two methods, using a print server and setting up an IP port. Both of these methods are also covered in a tutorial done at a webcast. A recording of this webcast is available below. Let’s dive in!

Remotely Install Printer DriversPrinter

Using Print Server

This method is the easiest and adds the printer for all users on the target machine. To add a printer using print server you’ll need run a couple commands. Using PDQ Deploy, create a new package and add two command steps.

The first command step will delete the printer if it does already exist. Doing this prevents errors that can occur from adding an already existing printer.

%WINDIR%\system32\Printui.exe /gd /q /n"\\TOKEN\Lexmark MS310dn North"

In the second command step, you’ll add the printer. The difference between these commands is the /gd (for global delete) is now a /ga (for global add).

%WINDIR%\system32\Printui.exe /ga /q /n"\\TOKEN\Lexmark MS310dn North"

Remotely Install Printer Drivers - using printer server
In both commands /q is critical for a silent deployment. Without that parameter your deployment will hang. You can see other parameters by entering the following into a command prompt:

printui /?

For your changes to take effect you may need to stop and start the print spooler. If after deploying the printer does not appear, add the following commands to your deployment:

NET STOP SPOOLER 
NET START SPOOLER

IP Port

In this method, you will create a TCP/IP port and then install your printer.

First, spare yourself possible errors and clear out the printer and port. For this deployment package you’ll start off with a command step with the following command (of course, substitute your own printer name and IP address in your commands):

cscript %WINDIR%\system32\Printing_Admin_Scripts\en-US\prnmngr.vbs -d -p "Lexmark MS310"
cscript %WINDIR%\system32\Printing_Admin_Scripts\en-US\prnport.vbs -d -r "IP_10.0.0.246"

In the next command step, you’ll add the port. Again, substitute the appropriate IP address in quotes.

cscript %WINDIR%\system32\Printing_Admin_Scripts\en-US\prnport.vbs -a -r "IP_10.0.0.246" -h 10.0.0246

 

Your next two steps (one for each architecture type, 32-bit vs. 64-bit) will install your printer using an install step. You’ll want to get your install files from the printer vendor and research what parameters you may need to silently install your printer driver.

For our example, (which you can watch in the video below starting at 21:53) we got a batch file from the vendor which is listed in the install step as the install file.  Then, the “Include Entire Directory” box is also checked. This is important if your installation does require multiple files.