We use a GPO to deploy WithSecure Elements Agent to all client pc's. Works fine.
Now I downloaded a new version of the MSI from the portal, and added it to a new GPO while disabling the old GPO. What happens now is that the installer wants to uninstall the previous version (which is actually the same version as in the new msi). This uninstallation leaves some traces behind, causing the new install to fail, leaving the client unprotected. This can be fixed by running the FsUninstallationTool, but I cannot do this to 300 clients of course.
What is the best practice to handle new MSI files in combination with GPO's? I know of the following options:
- you can create new gpo and remove the old one
- you can add the new msi to the existing gpo as an update of the previous msi
- you can add the new msi to the existing gpo but not as an update of the previous msi
I tried a lot of these combinations, but the result is mostly the same.