Deploy .net 4 via Active Directory group policy or WSUS

.net group-policy wsus

Is there a way to automatically deploy .net 4 using Active Directory group policy or WSUS?

I want to push it out to lots of machines without having to go around to each one.

Background: I have a VSTO ClickOnce application I want to deploy to non-admin users, but it uses .net 4, which won't install without admin rights, so ClickOnce fails for non-admins unless .net 4 is already installed.


We used a script via Altiris Deployment. It should function as computer logon script or via remote cli. You need to grab the stand-alone installer from Microsoft.

START "" /WAIT dotNetFx40_Full_x86_x64.exe /q /norestart /log %TEMP%\dotNet4.log

Edit:

Also wanted to add that this install will take a couple minutes, or longer, depending on the speed of the client's computer. Performing the install should likely be scheduled during a maintenance window where users will not restart their computers for "not-responding". It may also be wise to restart the machine post-install. We don't as we perform an Altiris software inventory immediately after.


For versions 2.0, 3.0, and 3.5, installing .NET Framework directly from the .msi database would fail with a message about needing to launch setup.exe unless either the ADDEPLOY or VSEXTUI properties were set to 1. I'm assuming that when using Group Policy it automatically sets ADDEPLOY to 1 for every installation it performs, but otherwise you'd need to do this explicitly.

For both the Client Profile and Extended editions of .NET Framework 4.0, it works the same way except the one and only property you can set is called EXTUI; ADDEPLOY won't have the desired effect. (If you look at the CA_BlockDirectInstall action in the InstallExecuteSequence table of the .msi database you'll see that the condition for that particular action is "NOT (EXTUI = 1 OR Installed)"). After setting that property to 1, I've been able to perform deployments directly from the .msi via Novell ZENworks or msiexec.exe with no issues whatsoever. One would think Active Directory should be just as easy except, unlike with ADDEPLOY, I'm guessing you'll probably need to set the EXTUI property yourself, which can be done with a transform.

A minimal command line to perform an unattended installation of, for example, 64-bit .NET Framework 4.0 Client Profile would be...

msiexec.exe /i netfx_Core_x64.msi EXTUI=1

...or simply...

netfx_Core_x64.msi EXTUI=1

Since there are no installation options for the user to customize, the (default) full interface mode is already effectively an unattended installation, so you don't need to add /passive or any /q switches to make it execute unattended.

Related

How much memory does ESXi require for itself?
Internet latency map
Who do I report a hacked server to?
ZFS: preparing for future drive additions
Unable to Sign PowerShell Scripts
Monolithic vs Micro kernel
How do I use a Minitel terminal as a linux dumb terminal
Easiest way to solve this system of equations
Numbers are too large to show $65^{64}+64^{65}$ is not a prime
Solve $e^x+x=1$
Proof that $\sqrt6 - \sqrt2 - \sqrt3$ is irrational. [duplicate]
Are independent variables really independent?