How-To

Creating Your Own Custom ConfigMgr 2012 Compliance Packs

Posted on Updated on

This demonstration will show you how to create your own custom compliance packs to import into ConfigMgr 2012/R2.

  1. First, download and install the Microsoft Security Compliance Manager (SCM) solution accelerator.  Note that this can be easily from your workstation computer, it does not need to be on a Windows Server.  Also, a version of SQL (including the Express edition) needs to be installed locally as a prerequisite.  http://technet.microsoft.com/en-us/solutionaccelerators/cc835245.aspx
    scm01
    scm02
  2. When SCM has been launched for the first time, it will check for, download, and import baselines.
    scm03
  3. However, newer baselines will still be missing.  Select the option to download baselines automatically.
    scm04
    scm05
  4. From the available products and baseline options, multi-select the desired configuration items, then export to SCCM DCM 2007 (.cab) –even for ConfigMgr 2012/R2!
    scm06
  5. Next, store/save a copy of the .cab file where it can be easily imported into ConfigMgr.  If you’ve made a “complex” DCM, then I recommend ensuring that you’ve either created instructions on how to rebuild the cab, or retain/backup the original file.
  6. In the ConfigMgr console for Compliance Settings > Configuration Items, select to Import Configuration Data.
    scm07
  7. In the wizard, click the Add button to include the baseline(s) that have been created and are ready for import.  Then complete the remainder of the wizard.
    scm06b
  8. Note that with the imported configuration data, the baseline(s) are automatically created as well.
    scm09
  9. Finally, deploy the baseline(s) to the desired collection of systems.
    scm10

And that’s all there is to quickly using SCM for creating your own compliance packs for ConfigMgr 2012/R2!

App-V 5.0 Standalone – How to Activate Deployment Scripts

Posted on Updated on

This is the walk-through in preparation for demonstrations from my Microsoft Master webcast on App-V 5.0 scripting.  For the full webcast information, visit https://t3chn1ck.wordpress.com/2014/02/03/playback-of-microsoft-master-app-v-5-0/.

This demo will show how to “activate” a deployment script (which may contain either user or global/PC scripts) that you may have added to the DeploymentConfig.xml of an App-V package.

  1. In your the App-V web console, locate the package and click Editappv-dep-scripts01
  2. For the deployed user or computer group, click Edit Default Config
    Note: do not select the drop-down option for “Custom” as this is only for activating UserScriptsappv-dep-scripts02
  3. On the Default Configuration pane, select Advanced from the left-side menu, the click Import and Overwrite this Configurationappv-dep-scripts03
  4. Locate and open the DeploymentConfig.xml
    Important: due some irregularities with Silverlight, after opening the XML, the console may revert back to the main package administration pane.  You’ll need to navigate back to the Advanced configuration (e.g. repeat steps 1-3 above).appv-dep-scripts04
  5. In the window, select to Overwrite the configurationappv-userscripts05

App-V 5.0 Standalone – How to Activate User Scripts

Posted on

This is the walk-through in preparation for demonstrations from my Microsoft Master webcast on App-V 5.0 scripting.  For the full webcast information, visit https://t3chn1ck.wordpress.com/2014/02/03/playback-of-microsoft-master-app-v-5-0/.

This demo will show how to “activate” a user script that you may have added to the UserConfig.xml of an App-V package.

  1. In your the App-V web console, locate the package and click Edit

    appv-userscripts01

  2. For the deployed user group, select the drop-down option for “Custom” and click Edit

    appv-userscripts02

  3. On the Custom Configuration pane, select Advanced from the left-side menu, the click Import and Overwrite this Configuration

    appv-userscripts03

  4. Locate and open the UserConfig.xml
    Important: due some irregularities with Silverlight, after opening the XML, the console may revert back to the main package administration pane.  You’ll need to navigate back to the Advanced configuration (e.g. repeat steps 1-3 above).

    appv-userscripts04

  5. In the window, select to Overwrite the configuration

    appv-userscripts05

App-V 5.0 Demo – Application Shims

Posted on Updated on

This is the walk-through for demo #2 in my Microsoft Master webcast on App-V 5.0 scripting.  For the full webcast information, visit https://t3chn1ck.wordpress.com/2014/02/03/playback-of-microsoft-master-app-v-5-0/.

This demo is on scripting the install of an application shim (for app compatibility) when an App-V package is published to a system.  For this example, I used an all time favorite software of mine … SMS Installer.

1) SMS Installer requires elevated rights in order to execute.  So if the user is a non-admin such as for my demos, they cannot use the software.  Below is the screen shot of how this gets blocked.  Even if your end users have elevated rights themselves, you may be able to use a shim to correct any UAC elevation prompts.  Additionally, you can see the “shield” on the shortcut.

smsinst-demo01

2)  Create shim with the Application Compatibility Toolkit – for more info on this process of creating a shim, visit http://spablog.ontrex.ch/2013/04/23/shims-and-app-v-5-0/

  • SMSINS32.exe
  • Run As Invoker
  • ForceAdminAccess

smsinst-demo02

3)  Add the shim into the package scripts

smsinst-demo03

4)  Update the DeploymentConfig.xml file from the package to install the shim


<MachineScripts>

<PublishPackage>

<Path>sdbinst.exe</Path>

/q "[{AppVPackageRoot}]\..\Scripts\shim.sdb"

<Wait RollbackOnError="true" Timeout="30"/>

</PublishPackage>

</MachineScripts>

5)  Add the new application into ConfigMgr and publish to user.  For more info on doing this process, see an example from https://t3chn1ck.wordpress.com/2014/02/05/app-v-5-0-demo-uninstall-a-native-application/

6)  Voila!  You can now see that the “shield” is no longer on the shortcut and that the application runs successfully!

smsinst-demo04

App-V 5.0 Demo – Uninstall a Native Application

Posted on Updated on

This is the walkthrough for demo #1 in my Microsoft Master webcast on App-V 5.0 scripting.  For the full webcast information, visit https://t3chn1ck.wordpress.com/2014/02/03/playback-of-microsoft-master-app-v-5-0/.

This demo is on uninstalling native (local) applications when an App-V package is added to a system.  For this example, I used 7-zip.

1)  First, sequence your application (7-zip).  Nothing special to do, just make sure it’s been done ;-)

2)  Create a .bat file to perform the uninstall of the software.  In this case, I just looked up GUID of the package to have msiexec perform the uninstall and added an extra step to then echo “Removed 7zip” into a text file for evidence that the script executed.  So my batch file looks like below.

Note: that you don’t have necessarily have to do this uninstall so simply as I have .. or even use a .bat script.  It could be VBScript.  Or PowerShell.  And/or include any custom checks to make sure it gets removed.  And the options go on.


MsiExec.exe /x {23170F69-40C1-2702-0920-000001000000} /qb

echo Removed 7zip >> C:\uninst_7zip.txt

3)  Save your .bat file onto a server share.  This share needs to have read, list, execute rights for all users and all computers of the domain.  In my examples, I essentially just had the share as \\server\AppV_Scripts\ which I can use for other scripts and whatnot.

4)  Edit the DeploymentConfig.xml file of the AppV package.  What we want to do is

  1. Locate the <MachineScripts> section – uncomment the blocked text so it can used
  2. Locate the <AddPackage> element and delete the rest of the elements
  3. Set the <Path> to execute cmd.exe on the system
  4. Set the <Arguments> to run the .bat file on the server; if you’re unaware /c means to cmd.exe to “run this command” which would then be your \\server\share\script.bat

<!-- Machine Scripts Example - customize and uncomment to use machine scripts -->
<MachineScripts>
<AddPackage>
<Path>cmd.exe</Path>
<Arguments>/c \\alderaan2\appv_scripts\uninst_7zip.bat</Arguments>
<Wait RollbackOnError="true" Timeout="30"/>
</AddPackage>
</MachineScripts>

5)  Now we’ll add the package into ConfigMgr as an Application.  Note that ConfigMgr will choose the most recently modified Config.xml file to use for the Deployment Type.

  1. Add a new Application7zip-demo-01
  2. Select to add an App-V 5.0 package and select the .appv file7zip-demo-02
  3. Complete the wizard
  4. Using standard ConfigMgr procedures, deploy the application to the desired user collection (or computer)
  5. Run the application from the targeted user’s Application Catalog7zip-demo-03
  6. Watch the local system as the natively installed application is removed and replaced by the AppV package is there!
  7. Then check that the C:\ for presence of the uninst_7zip.txt file thus giving further proof that script executed!

App-V 5.0: Sequencing Visual Studio 2012

Posted on Updated on

The sequencing of Visual Studio 2012 does NOT seem to have been successfully accomplished by many people (at least not online that I can find!).  This recipe is a conglomeration of tips, tricks, fixes, and other recipes found on the web.  Hopefully it works for you too!

Notice: Visual Studio takes a long time to sequence.  At times, it will appear that the sequencer is ‘hung’.  In reality, this is normal so DO NOT terminate the window or otherwise start over.  Just allow for time (even up to 15 minutes) for the processing to complete.  An additional reference for virtualization can be found at http://social.technet.microsoft.com/Forums/en-US/7e93e525-31ed-43fc-8415-88a12766d2c2/how-to-sequence-visual-studio-2012-in-microsoft-application-virtualization-46-sp2

Prerequisites

  1. Pre-download the most recent Visual Studio 2012 Update
    1. Save into the source files
    2. Extract files to a folder in the AppV source files
    3. Update the CustomSetup.bat to call this
  2. Ensure VM has at least 45 GB disk
  3. Download the MVLS edition of VS then copy the installer and all subdirectories to a local folder
  4. Create an AdminDeployment.xml with SharePoint tools and SQL to not install (such as code snippets below)
         <SelectableItemCustomization Id="SharepointTools" Hidden="no" Selected="no"/>
         <SelectableItemCustomization Id="SQL" Hidden="no" Selected="no" />
  5. Install Microsoft .NET Framework 4.5 on the Sequencer machine. Using Microsoft Update, install all updates for .NET Framework 4.5
  6. Install IIS Express 8 (from iisexpress_8_0_RTM_x64_en-US.exe)
  7. Open an Administrator Command Prompt and run:
    1. C:\Windows\microsoft.net\framework\v4.0.30319\ngen.exe executeQueuedItems
    2. C:\Windows\microsoft.net\framework64\v4.0.30319\ngen.exe executeQueuedItems
  8. On Windows 7, disable the services:
    1. “Microsoft .NET Framework NGEN v4.0.30319_32”
    2. “Microsoft .NET Framework NGEN v4.0.30319_64”
  9. Open Regedit.exe, change the Permissions of the two following registry keys, granting Full Access to the Administrators group
    1. HKLM\System\CurrentControlSet\Services\DcomLaunch
    2. HKLM\System\CurrentControlSet\Services\RpcSS
  10. Restart Windows
  11. Now is a good time to make a snapshot/checkpoint :-)

Sequencing

vs12-01

CustomSetup.bat will do the following:

  1. Unattended install of the MVLS copy of Visual Studio 2012 Pro
  2. Disable prompt to download/install local help files on software first run
  3. Install help files

"%~dp0vs_professional.exe" /passive /adminfile "%~dp0AdminDeployment.xml"

:: Disable prompt to download/install local help files on first run reg add HKLM\SOFTWARE\Wow6432Node\Microsoft\VisualStudio\11.0\Help /v
DisableFirstRunHelpSelection /t reg_dword /d 1 /f

:: Install help files
:: Note this is disabled due to space constraints but could potentially be enabled
:: "C:\Program Files (x86)\Microsoft Help Viewer\v2.0>hlpctntmgr.exe" /operation install /catalogname VisualStudio11 /locale en-s /sourceuri \\ServerShareWhatever\VS2012Documentation\helpcontentsetup.msha

:: Fix for IEXPlorer
reg add HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE /v /T REG_SZ /d """c:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"""
reg add HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE /v /T REG_SZ /d """c:\Program Files (x86)\Internet Explorer"""

vs12-02

Visual Studio 2012 Professional

C:\Program Files (x86)\Microsoft Visual Studio 11.0

vs12-03

After the install completes, do not close the sequencer, but just restart Windows and login.  The sequencer will resume.

Run the latest update that was downloaded as part of the prerequisite steps

vs12-04

After the install completes, do not close the sequencer, but just restart Windows and login.  The sequencer will resume.

Locate the Developer Command Prompt and do a Run as Admin

vs12-05

Run regedit.exe

vs12-06

Delete the value of SetupCommandLine in HKLM\SOFTWARE\Wow6432Node\Microsoft\VisualStudio\11.0

vs12-07

Done installing

vs12-08

Do not run anything

vs12-09

vs12-10

Stop Now

vs12-11

vs12-12

Locate and delete the following in the VFS

  1. [{AppVPackageRoot}]\Common7\IDE\Extensions\random.folder\package\services\digital-signature\_rels
  2. [{AppVPackageRoot}]\Common7\IDE\Extensions\random.folder\_rels

vs12-13

vs12-15

(Optional step, but advisable for Standalone App-V 5.0 Infrastructure)

Add the .NET Framework 4.5, IIS Express 8.0 installers, and custom install.bat script (which just installs both items) into the scripts folder

vs12-14

Now save your package because it’s ready for deployment!!

If you did the optional step above, then edit the saved Deployment.xml file to run a user script for installing IIS Express 8.0 and .NET 4.5 locally

<UserScripts>
   <PublishPackage>
      <Path>cmd.exe</Path>
      <Arguments>/c [{AppVPackageRoot}]\..\Scripts\install.bat</Arguments>
      <Wait RollbackOnError="true" Timeout="600"/>
   </PublishPackage>
</UserScripts>

Additional Notes

When starting the software for the first time, select to use General Development Settings and to not install local help.

vs12-16

Create ConfigMgr Package for Office 365 Pro Plus

Posted on Updated on

Quick guide to create an O365 Pro Plus (e.g. Click-To-Run) deployment with ConfigMgr

  1. Obtain the source files
    1. Download the Office Deployment Tool for Click-To-Run
    2. Run the wizard (or use a tool such as 7-zip) to extract Setup.exe
    3. setup.exe /download <path of Configuration.xml file>
  2. Create a configuration file based upon config your desired configurations (or use the example below)
    http://community.office365.com/en-us/blogs/office_365_community_blog/archive/2013/03/06/office-365-proplus-administrator-series-client-deployment-options.aspx
  3. Create a ConfigMgr package with the setup.exe, configuration.xml file(s), and the download Office folder
  4. Create a program for the package to run command line setup.exe /configure <path of Configuration.xml file>
    (setup will locate the source files within the Office folder)

Example configuration.xml file for deployment

<Configuration>
  <Add OfficeClientEdition="32" >
    <Product ID="O365ProPlusRetail">
      <Language ID="en-us" />
    </Product>
  </Add>
  <Updates Enabled="TRUE" />
  <Display Level="None" AcceptEULA="TRUE" />
  <Logging Name="O365ProPlusRetail.log" Path="%temp%" />
  <Property Name="AUTOACTIVATE" Value="1" />
</Configuration>

Below are some additional resources provided to me by a colleague which were of additional help.

  1. How to customize the xml: us/download/details.aspx?id=36778
  2. TechNet talking how to deploy it:  http://technet.microsoft.com/en-us/library/jj839718(v=office.15).aspx
  3. TechNet talking about the /download and /configure commands:  http://technet.microsoft.com/en-us/library/jj219422(v=office.15).aspx