Deploying MST Files Using Group Policy

Last month, we looked at Microsoft's Group Policy Software Installation (GPSI) and saw it in action.

Remember: GPSI's job is to deploy MSI files. And it usually 'just works.'

However, there might be a time when you want to 'fine tune' who gets which pieces of that MSI file.

Any particular application might have various pieces to install. In Figure 1, I'm looking at an application with a variety of sub-pieces that it can possible install. I've drawn arrows to some of them for example purposes.

Figure 1: An application might have multiple pieces available to install.

Assuming you didn't want to deploy the 'default' installation using Group Policy Software Installation (as defined in the MSI file) you could use an MST (Microsoft Transform File) to dictate which pieces within the application you wanted installed. Additionally, you could also define the state. For instance, in Figure 1, some of the pieces are pre-defined as 'Disabled.' But using an MST file, you could assign more of the pieces as Disabled ' if that's something you wanted to do.

MST files' 'middle name' is 'Transform'. Microsoft Transform File. And that's exactly what it does. The Transform file is like an overlay on top of the existing MSI file defining what stuff you ultimately want to be shown to the client.

Part 1: Creating or Getting your MST File

The first step in deploying MST files is, well, getting one.

In short, there are three ways to get one:

Have one handed to you by someone (ie: Software manufacturer with pre-baked MST files). This is pretty rare.

Use your applications' utility to create an MST file. Again, pretty rare.

Create one yourself. (Most common.)

If you're lucky, your software manufacturer will simply hand some to you (as described in option 1).

However, let's next talk about option 3 (Creating one yourself) first. There are a variety of 3rd party utilities you can use to create MST files. One is Scriptlogic's MSI Studio Pro, which can be found here http://www.scriptlogic.com/products/msi-studio/.

For this example, however, I'm going to go with Option 2: Use an MST creation utility that a manufacturer provides. Here in Figure 2, you can see Office 2003 with it's own utility called the Custom Installation Wizard. Yes, yes, this is an old example, but it still holds up.

Figure 2: Some applications have their own MST creation utility

If your application comes with an MST creation utility, you'll create the MST file then pick the options that make sense as seen in Figure 3. Remember: You might have to do this multiple times and create multiple MST files ' one for each type of user. For instance, one for Sales, one for Marketing, one for Research, etc.

Figure 3: Create your MST file and choose the options that make sense for your deployment.

Part II: Adding in the MST file

Now that you've got your MST file, you're ready to plunk it into the GPO.

Except you aren't.

If you look at Figure 4, you'll see that the Add button, within the Modifications tab, within the GPSI definition is grayed out. In other words, you cannot simply 'Add' MST files to existing software deployments.

Figure 4: You cannot add MST files if the MSI file is already deployed.

In short, you need to remove the application, then redefine it. In Figure 5, you can see the Add button light up ' but only after I've first deleted the MSI from within the GPO.

Figure 5: You can Add your MST file if you delete the MSI and re-add it.

Final Thoughts

Group Policy Software Installation is great, but being able to hone your deployments using MST files makes it even better.

Remember: You'll need to create your MST files once for each target of users like Sales, Marketing, Research, etc. Then, be sure to add your MST files to your MSI files, as you've learned to do so here.

That's it! Happy deploying !


This post is locked
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ