TR1 is part of the IT transformation project that Telstra started to undertake under then-CEO Sol Trijio. It involves the consolidation of the many hundreds of systems that Telstra and its dealers use to a more managable number. TSA Telco Group is one of those dealers and was required to perform a deployment of these applications.
TR1 comprised three programs, all which had MSI files. Certain business units needed some of those 3, others needed a different combination. In addition to the programs themselves, they had a number of prerequisites, including specific versions of java, flash and acrobat reader.
To perform the deployment, three group policies were created. One performed the TR1 application installation for one of the business units, the other performed the installation for another unit. The third group policy was a compliance enforcement policy – it checked the java, flash and acrobat were correct. In the case of java, there was a brute force removal shutdown script as on a number of PCs, it wouldn’t remove through normal means.
The policies were also filtered by security group, so they only hit the PCs that needed it. For example, all the corporate services users (ie. IT, finance, HR) had no need for this so they were excluded by this filtering.
One of the applications recieved regular updates, which were added to the group policy and recognised as an upgrade to that application.
The end result was a relatively low-maintenance system where a computer could be added or removed from the influence of the policies by adding or removing that computer’s account from 2 or 3 security groups.