Newbie,
The group 'domain computers' needs to have the permissions, right? I am
talking about on the share permissions and on the security permissions on
the File Server where you have the 'SP4' folder. There would really not be
any point in any user having access to this share ( except Administrator or
Administrators or Domain Admins or Enterprise Admins or however you set
things up ).
This has to be added to the computer configuration and not to the user
configuration. When creating a GPO you will notice that there are two
possibilities - the computer side or the user side. You would need to
create this software package on the computer side.
Also, did you use the UNC path when telling the GPO where the update.msi
file is located ( and not a mapped network drive )? The UNC path looks
something like \\myserver\myshare\update\update\update.msi and not like
N:\sp4\update\update\update.msi.
On the Security for the GPO itself you can leave the Authenticated Users
there -OR- you can remove it and add the group Domain Computers. You are
correct in that the rights Read and Apply Group Policy are needed. Removing
the Authenticated Users and adding your user account will ensure that this
GPO will not work as this is being applied to the computer side and not the
user side! You could have added that specific computer account ( in place
of your user account ) and it might have worked. But, again, I am not sure
if you created this GPO on the computer configuration side of things....
HTH,
Cary