Introduction
There are several scenarios for when you would need to copy one or multiple files to select computers or all computers in a domain of an Active Directory (AD) network. For example, there might be a shared folder that everyone in the organization would need to access. In such cases, group policy objects (GPO) can be used to copy files from a shared folder to all the computers in an AD domain. The process of copying the files involves the following steps:
- Copying/moving all the files into a shared network folder.
- Creating a GPO and linking it to the AD domain
- Editing the GPO to copy files to all computers in the AD domain
Copying/moving all the files into a shared network folder.
First, you will have to create a shared network folder, and then copy all the files that you want to be copied to all domain computers into the folder. This is so that replication load can be made easier this way. Also, you will have to ensure that the Authenticated Users group has been given permission to access the folder. To check that, you can perform the following steps:
- Right click on the shared network folder, and select Properties.
- Select the Security Tab.
- Under the Groups or user names section, check to see if the Authenticated Users group is present.
Creating a GPO and linking it to the AD domain
Once the folder is created, you can move on to creating a GPO through which you will be copying the files to the domain computers. Here's how you can create a GPO and link it to the domain:
- Launch Server Manager from the taskbar, or go to Start, and then click Server Manager.
- In the Server Manager window, go to Tools, and select Group Policy Management.
- In the window that opens, navigate to the Group Policy Objects container. Right-click on the container and click New.
- Enter a name for the GPO in the dialogue box that appears, and click OK. The GPO would have been created.
- Now, navigate to the domain or OU where you want to copy the files to the computers, right-click on the container, and click Link an Existing GPO.
- In the dialogue box that appears, select the GPO that was just created, and click OK. The GPO would be linked to the domain or OU that was selected.
Editing the GPO to copy files to all computers in the AD domain
Once the GPO has been linked, you can edit the GPO to copy the files into all domain computers. Here's how you can do it:
- In the Group Policy Management window, navigate to the GPO that was just created, right-click on it, and click Edit.
- In the Group Policy Management Editor window that pops up, navigate to User Configuration –> Preferences -> Windows Settings -> Files.
- In the right pane, right-click on the empty pane, and select New, and then File.
- In the window that pops up, under the Actions section, select the Create option. If you are replacing or updating an existing file, select Replace or Update respectively.
- Under the Source file(s) section, mention the location of the file you want to copy.
- Under the Destination folder section, mention the location where you want the file to be copied. For this instance, if you want to copy the files on the computers' desktop, type %DesktopDir%\.
- If you want to copy the files only to specific computers in the domain, go to the Common tab. Check Item-level targeting, and then click Targeting. Mention the groups or users, and then click OK to confirm the addition of groups or users.
- Click OK to confirm the action.
In this process, if you have linked the GPO to an OU containing computers and not users, you will have to enable the GPO loopback processing mode. Here's how you can do it:
- In the Group Policy Management Editor window, navigate to Computer Configuration -> Policies -> Administrative Templates -> System -> Group Policy.
- Select the Configure user Group Policy loopback processing mode policy.
- In the window that pops up, select Enabled.
- Under the Mode section, select Merge.
- Click OK to confirm the action.
Note: In this method of copying files using GPO, it is not possible to copy a folder including all its contents to a computer in an AD domain. The process mentioned above can only be used to copy files to a specific location in the domain computers. If you want to copy a folder including all its contents, you will have to create a target folder in the destination computer, and then copy the files to the target folder using the process given above. Here's how you can do it:
- In the Group Policy Management window, navigate to the GPO that was just created, right-click on it, and click Edit.
- In the Group Policy Management Editor window that pops up, navigate to User Configuration –> Preferences -> Windows Settings -> Folders.
- In the right pane, right-click on the empty pane, and select New, and then Folder.
- Mention the location where you want the folder to reside in the domain computers under the Path section.
- Click OK to confirm the action.
- Then, proceed with the process mentioned above to copy the files. One change you would be doing is that while editing the GPO to copy the files, in step 6, under the Destination Folder section, instead of mentioning %DesktopDir%\, you will have to mention the location of the folder you created.