Enter Search Query:

Deploying the Java JRE to workstations using a GPO

Java updates the JRE about once a month and it’s a good idea to keep java up-to-date. But what if you want to deploy Java to workstations in your active directory domain? And what if you want to disable java update/download notifications that cause users install the ask toolbar or McAfee Security scanner? Then you’ll want to follow this tutorial. It’ll walk you through deploying the latest Java JRE to all your Windows 7 workstations in an active directory domain without any user intervention. Plus it’ll block those pesky update notifications for the end user.

NOTE/CAUTION: In the video tutorial below, when removing the existing deployment of the previous version of java, I select the option to Immediately uninstall the software from users and computers. Selecting this option CAN cause you headaches. If you’re not sure whether Java was deployed previously, I highly recommend that you select the option to Allow users to continue using the software, but prevent new installations instead. Selecting the Uninstall option here can cause machines to hang indefinitely before reaching the CTRL + ALT + DEL prompt.


Essentially what can happen if the Immediately uninstall option is selected here is that Windows client workstations will get hung up on locating the MSI originally used to deploy the older version of the JAVA JRE. If that location has moved, changed or is unavailable, Windows will wait for it to come online indefintely displaying a Please Wait message at the users screen but never allowing the user to log onto windows.


  • [download] Java Offline Installer
  • Windows 7 Pro (XP should work, but I haven’t tested it)
  • Windows Server 2008 R2 (2003 should work, but I haven’t tested it)



June 3, 2014

Related Posts

0 comments found

Comments for: Deploying the Java JRE to workstations using a GPO

Leave a Reply

Your email address will not be published. Required fields are marked *