Being very new to Windows software distribution for a small network (<50 clients) I was wondering how software packages like Adobe's Reader or Java are handled. I can deploy them as MSIs via group policies just fine. But what happens when the client software detects updates? What are common ways to handle this? Disable the software's autoupdate feature? Redeploy when the admin detects a new version?
Just fishing for knowledge, thanks for any hint.
We disable auto-updates for all software we deploy. Our users all get limited user access, so they would be unable to install the updates. Many users found the update prompts to be annoying/confusing anyhow.
Often times you can probe the MSI, with SuperOrca or the like, for information about disabling the applications auto-update feature -- A good place to start is the PROPERTY table. Applying a specially-crafted MST during deployment can nullify the auto-update bits.
Other times we create ADMs (now we prefer Client-Side Preferences instead) for packages like Sun's JRE, SMARTBoard, etc. Adobe provides an Customization Wizard for Reader (and other products) that let's you customize the installer (and turn off auto-updates) without really getting your hands dirty. Adobe recently started offering updates in MSP form for simple distribution.
If you haven't already, check out the AppDeploy site. Some of the Package KBs can be helpful in identifying the correct incantation for turning off auto-updates.
We patch/upgrade our software collection (often using GP deployment, among other methods) based on review of the impact of the update versus security of the client.
I'm just experimenting with it myself, but this is allows automated deployment of almost anything:
http://www.adminarsenal.com/download/pdq-deploy-free-download/
Edited for clarity
Just to complement Grizly's answer with the obvious open source alternative (that does not seem to really solve the original question either): WPKG is an automated software deployment, upgrade and removal program for Windows.