Using the PhishingBox Outlook plugin installer MSI and EXE file, the following instructions detail how to deploy the installer to multiple domain users using the Group Policy tools in Windows server.
- Note: Because Microsoft Windows Server has multiple versions, the following instructions may differ slightly. This guide was created using Windows Server 2016.
Group Policy Installation Instructions
1. Create a shared folder containing the MSI file for the Outlook plugin.
2. Create a Group Policy Object (GPO) for distributing plugin to domain users.
- Open Group Policy Management from the Server Manager
3. Right-click the domain you wish to deploy the package on, and select "Create a GPO in this domain, and Link it here".
4. Click "OK"
5. Under the newly created GPO, define groups, users, and computers for package deployment.
6. Right-click on the newly created GPO and select "Edit".
7. Expand Computer Configuration > Policies > Software Settings, and click the "Software installation" option.
8. Right-click in the right pane, select New > Package.
9. Select the UNC path for the shared installation folder.
- Note: Do not select the file on the local machine, use the network share path. E.g.
10. Select "Assigned" and click "OK".
11. The package should now show in the right pane of the GPO editor.
12. To test, log into a domain user workstation and the package should automatically be installed and visible under the Control Panel as an installed application.
- Check the Event Viewer on a single domain user's machine to verify there is a log entry for the installation of the package. It will like appear under Windows Logs > System. You should see an error related to why the plugin was not installed, or a success message.
- If after checking the Event Viewer logs on the client machine, an error 1612 is encountered during GPO installation, this indicates that the Active Directory client cannot read from the server network share specified in the GPO options.
- Verify that a full UNC path has been entered for the shared installer package.
- Verify that the Share permissions are set appropriately and can be accessed with READ permissions from the client machine.
- To troubleshoot, try setting the share to give "Everyone" read access, then limit access to specific groups after verifying that the issue has been resolved.
- On the Windows Server for the domain, reopen the Group Policy Management screen with the software installation package selected. Right-click the software package, go to All Tasks > Redeploy Application. This will trigger a reinstall on all the clients that currently have the package installed upon the next system reboot.
If the above steps do not seem to fix the issue and the Event Viewer isn't showing any entries for the installation, or the installation was deferred, try purging the software's registry entry and rebooting the client machine. The registry entry will be located in:
There will be an entry for the software application. Delete this entry as an administrator, then try rebooting the machine.
For more information, you can view article: Microsoft Help - How to use Group Policy to remotely install software in Windows Server 2008 and in Windows Server 2003.