Rapidly deploying software


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • MGB 2003 © 2003 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
  • Greg Shields
  • Greg Shields
  • Greg Shields
  • Greg Shields
  • Greg Shields
  • Greg Shields
  • Greg Shields
  • Greg Shields
  • Greg Shields
  • Greg Shields
  • Rapidly deploying software

    1. 1. How to Automatically and Rapidly Deploy Software in a Small Environment Greg Shields, MVP, vExpert Head Geek, Concentrated Technology www.ConcentratedTech.com
    2. 2. This slide deck was used in one of our many conference presentations. We hope you enjoy it, and invite you to use it within your own organization however you like. For more information on our company, including information on private classes and upcoming conference appearances, please visit our Web site, www.ConcentratedTech.com . For links to newly-posted decks, follow us on Twitter: @concentrateddon or @concentratdgreg This work is copyright ©Concentrated Technology, LLC
    3. 3. Agenda <ul><li>Topics </li></ul><ul><ul><li>Part I: The Art of Software Packaging </li></ul></ul><ul><ul><li>Part II: The Science of Software Deployment </li></ul></ul>Many IT Professionals have problems with automated software distribution because it feels like a complicated topic. But there are really two halves: Software Packaging … and… Software Deployment In this session, you ’ll learn the nuances of both.
    4. 4. Automated Software Deployment <ul><li>There are two halves to rapidly and remotely installing applications: </li></ul><ul><ul><li>Repackaging – A software installation must first be reconfigured to install without prompting the user or requiring additional information. </li></ul></ul><ul><ul><li>Deployment – The repackaged software installation is then loaded into a deployment tool and scheduled for deployment. </li></ul></ul>
    5. 5. Part I The Art of Software Packaging
    6. 6. Repackaging <ul><li>Consider the typical installation… </li></ul><ul><ul><li>Insert the CD/DVD media </li></ul></ul><ul><ul><li>Double-click setup.exe or setup.msi </li></ul></ul><ul><ul><li>Next…Next…Finish… </li></ul></ul><ul><ul><li>Head to the next desktop </li></ul></ul><ul><li>In order to deploy the same software automatically and remotely, you must… </li></ul><ul><ul><li>Figure out how to complete the software installation without requiring input by the user. </li></ul></ul><ul><ul><li>Figure out how to execute the reconfigured setup.exe or setup.msi file locally on designated desktops. </li></ul></ul>
    7. 7. Repackaging <ul><li>Typical software installations arrive in one of essentially two formats. </li></ul><ul><ul><li>.EXE-based setup files </li></ul></ul><ul><ul><ul><li>These are slowly going away </li></ul></ul></ul><ul><ul><ul><li>Sometimes an EXE will wrap around an MSI </li></ul></ul></ul><ul><ul><li>.MSI-based setup files </li></ul></ul><ul><ul><ul><li>These are slowly becoming the primary mechanism for Windows software installations </li></ul></ul></ul><ul><ul><li>Copy-it-yourself formats </li></ul></ul><ul><ul><ul><li>These are relatively rare these days. </li></ul></ul></ul><ul><li>Of the first two above, virtually all are packaged using one of the major packaging utilities: </li></ul><ul><ul><li>Wise Package Studio </li></ul></ul><ul><ul><li>InstallShield </li></ul></ul><ul><ul><li>Inno Setup </li></ul></ul><ul><ul><li>Nullsoft Scriptable Install System </li></ul></ul>
    8. 8. Repackaging <ul><li>Each format and packager has its own characteristics and switches. </li></ul><ul><ul><li>Adobe Acrobat: %ACROBAT_INSTALLER_EXE% /s /v/qn </li></ul></ul><ul><ul><ul><li>We can tell Acrobat was packaged using InstallShield because of its “/s /v/qn” switch structure. </li></ul></ul></ul><ul><ul><li>Installation switches define the “hidden” parameters that can be used to install the package. </li></ul></ul><ul><ul><li>Silent switches instruct the package to install without prompting for input. </li></ul></ul><ul><ul><li>Some have neither. Some have nothing. </li></ul></ul><ul><li>Thus, while every software installation is different, they are in many ways the same. </li></ul><ul><ul><li>You need to sleuth out if switches exist and what they are </li></ul></ul><ul><ul><li>… or decide to use more complex techniques. </li></ul></ul>
    9. 9. Repackaging – MSI ’s <ul><li>MSI installation works with the native Microsoft Installer system </li></ul><ul><ul><li>Microsoft Installer is the framework built into every modern version of Windows </li></ul></ul><ul><ul><li>Easy to work with because “silent” switches are common across all installations. </li></ul></ul><ul><li>Deployment and packaging tools can often automatically interrogate the MSI database and determine silent installation and customizations. </li></ul><ul><ul><li>We ’ll talk about “packaging tools” in a minute. </li></ul></ul><ul><li>Customization and silencing can be done at command-line or via transform. </li></ul><ul><ul><li>msiexec /i AppA.msi DESKTOP_SHORTCUTS=0 </li></ul></ul><ul><ul><li>msiexec /i AppB.msi TRANSFORMS=custom.mst </li></ul></ul>
    10. 10. MSI Examples <ul><li>The standard command syntax for any MSI is… </li></ul><ul><ul><li>msiexec.exe – invokes the installer </li></ul></ul><ul><ul><ul><li>/i – Install </li></ul></ul></ul><ul><ul><ul><li>/a – administrative install </li></ul></ul></ul><ul><ul><ul><li>/l* – Log all information </li></ul></ul></ul><ul><ul><ul><li>/q – No user interface </li></ul></ul></ul><ul><ul><ul><li>/qb- – Basic user interface with no dialog boxes </li></ul></ul></ul><ul><ul><ul><li>PROPERTYNAME=PropertyValue – Customization properties </li></ul></ul></ul><ul><ul><li>msiexec /qb- /l* logfile.txt /i setup.msi NAME=Value </li></ul></ul><ul><ul><li>msiexec /qb- /l* logfile.txt /i macromedia_dreamweaver_8.msi SERIALNUMBER={value} REBOOT=SUPRESS </li></ul></ul>
    11. 11. DEMO Analyzing an MSI Installation
    12. 12. Repackaging – EXE ’s <ul><li>EXE files tend to have no centralized schema for silent installation and customization. </li></ul><ul><ul><li>Often post-installation registry hacking is needed to customize. </li></ul></ul><ul><ul><li>This is much less hard now with Group Policy Preferences </li></ul></ul><ul><ul><li>Depending on the packager used to create the EXE, there are some known tricks. </li></ul></ul><ul><li>Finding the correct “silent switches” is key to installing properly. </li></ul><ul><ul><li>AppA.exe /s /v/qn </li></ul></ul><ul><ul><li>AppB.exe /quiet /norestart </li></ul></ul>Don ’t reinvent the wheel. Go to www.appdeploy.com for a list of common applications and their silent switches.
    13. 13. EXE Examples <ul><li>InstallShield (old school) </li></ul><ul><ul><li>Run the installer with the /r switch on a reference machine </li></ul></ul><ul><ul><li>Proceed through the dialogs, answering prompts as you would on the client machine </li></ul></ul><ul><ul><li>Complete the installation </li></ul></ul><ul><ul><li>The installation will create a setup.iss file in %windows% </li></ul></ul><ul><ul><li>Use this file to run the installation </li></ul></ul><ul><ul><li>setup.exe /s /f1setup.iss [/f2logfile.txt] </li></ul></ul><ul><li>InstallShield (new school, wrapped MSI) </li></ul><ul><ul><li>Setup.exe /s /v/qb </li></ul></ul><ul><ul><li>Characters after /v are passed to the wrapped MSI file. </li></ul></ul><ul><li>Wise Package Studio, Others… </li></ul><ul><ul><li>setup.exe /s </li></ul></ul>
    14. 14. EXE Examples <ul><li>Also Try… </li></ul><ul><ul><li>/a </li></ul></ul><ul><ul><li>/q:a /r:n </li></ul></ul><ul><ul><li>/silent </li></ul></ul><ul><ul><li>/passive </li></ul></ul><ul><ul><li>/quiet </li></ul></ul><ul><ul><li>/norestart </li></ul></ul><ul><ul><li>/? </li></ul></ul><ul><ul><li>/help </li></ul></ul><ul><li>/? and /help will often pop up a dialog box with more information. </li></ul>
    15. 15. EXE Examples <ul><li>Many EXEs these days are actually MSI wrappers </li></ul><ul><ul><li>This means the EXE does little more than launch an MSI installation </li></ul></ul><ul><ul><li>fileName /s /v/qn – Anything after the /v is passed to the wrapped MSI file </li></ul></ul><ul><li>The /a switch can perform an “administrative install”, which sometimes will unpack that MSI </li></ul><ul><li>Alternatively, invoking the EXE installation but not running it through to completion will do the same </li></ul><ul><ul><li>Double-click the EXE </li></ul></ul><ul><ul><li>Wait for it to unpack </li></ul></ul><ul><ul><li>When the first prompt appears, check %temp% for unpacked MSI install files </li></ul></ul><ul><li>It all depends on who wrote the installer… </li></ul>
    16. 16. DEMO Analyzing an EXE Installation
    17. 17. Repackaging – Diff ’s <ul><li>Some software is exceedingly complicated, doesn ’t include “silent switches”, or simply won’t install with the other two mechanisms. </li></ul><ul><ul><li>For these, we run a “diff”. </li></ul></ul><ul><li>The process to do this… </li></ul><ul><ul><li>Build a barebones desktop of the same OS/SP. Virtual machines make this easy. </li></ul></ul><ul><ul><li>Snapshot its initial configuration. </li></ul></ul><ul><ul><li>Install and configure the application. </li></ul></ul><ul><ul><li>Re-Snapshot again. </li></ul></ul><ul><ul><li>Run the packager ’s “diff” tool to log and subsequently package the file/driver/registry changes. </li></ul></ul><ul><li>In some cases this is easier than an EXE install. </li></ul>
    18. 18. Repackaging – Diff ’s <ul><li>Big problem: Most packagers that can do this are expensive (Many are ≥ $500). </li></ul><ul><ul><li>Caphyon Advanced Installer </li></ul></ul><ul><ul><li>WinINSTALL MSI Packager </li></ul></ul><ul><ul><li>Wise for Windows Installer </li></ul></ul><ul><ul><li>EMCO MSI Package Builder </li></ul></ul><ul><ul><li>Acresso AdminStudio </li></ul></ul><ul><ul><li>Acresso InstallShield </li></ul></ul><ul><li>Some freeware/shareware alternatives… </li></ul><ul><ul><li>Some of the above ’s “free” versions </li></ul></ul><ul><ul><li>SMSInstaller </li></ul></ul><ul><ul><li>WinINSTALL LE (from W2000 media, v2003 on-line) </li></ul></ul>WinINSTALL LE 2003 for our demos later.
    19. 19. DEMO Analyzing a “diff” Installation WinINSTALL LE 2003 can be found at: http://www.appdeploy.com/downloads/detail.asp?id=4654
    20. 20. Post-Installation Customization <ul><li>For nearly all Windows applications, customization is stored in the registry. </li></ul><ul><ul><li>Whole-machine customization in HKLM. </li></ul></ul><ul><ul><li>Per-user customization in HKCU. </li></ul></ul><ul><li>The easiest way to determine post-installation customization is through the same “diff” packager tool. </li></ul><ul><ul><li>Snapshot after installation, make single config change, re-snapshot, package reg change, distribute as “application”. </li></ul></ul>
    21. 21. Post-Installation Customization <ul><li>HKLM easier to manipulate. </li></ul><ul><li>HKCU can be difficult as user must be logged in for HKCU hive to be loaded. </li></ul><ul><ul><li>HKCU hive manipulation possible offline using “reg” tool. </li></ul></ul><ul><ul><li>Also possible to use User Configuration in Windows Group Policy. </li></ul></ul><ul><li>This process gets substantially easier with Group Policy Preferences. </li></ul><ul><ul><li>The old mechanism involved creating custom ADM files for registry manipulation. </li></ul></ul><ul><ul><li>GPPs take almost all the coding out of this process </li></ul></ul>
    22. 22. DEMO Using “diffs” for Configuration Control
    23. 23. Group Policy Preferences <ul><li>Applications and Windows itself stores its configurations either in the registry or in files. </li></ul><ul><ul><li>Controlling that configuration meant an easy way to modify (and lock down) those registry keys and files. </li></ul></ul><ul><li>What was needed… </li></ul><ul><ul><li>A toolset that allows admins to easily input custom configurations without requiring coding. </li></ul></ul><ul><ul><li>Environment variables, files, folders, INI files, registry settings, network shares, shortcuts </li></ul></ul><ul><ul><li>Data sources, devices, folder options, local users and groups, network options, power options, printers, scheduled tasks, services </li></ul></ul><ul><li>All this needs to integrate with existing Group Policy and work with all clients. </li></ul>
    24. 24. Group Policy Preferences
    25. 25. Group Policy Preferences
    26. 26. Group Policy Preferences <ul><li>What you need… </li></ul><ul><ul><li>Server 2008 or Vista SP1 with the Remote Systems Administration Toolkit (RSAT) as the location for management. </li></ul></ul><ul><ul><li>CSE ’s for down-level clients. This includes Vista RTM, Server 2003, and XP. CSE’s are the client processing components that recognize the use of GPP’s. </li></ul></ul><ul><ul><li>The knowledge, experience, and intestinal fortitude to start really, really working with the registry of your clients from a global perspective. </li></ul></ul>Who here is still scared of directly manipulating the registry?
    27. 27. DEMO Group Policy Preferences
    28. 28. Part II The Science of Software Deployment
    29. 29. From Package to Software <ul><li>Now that you ’ve got a software package, you need to get it deployed to machines. </li></ul><ul><li>Multiple software deployment solutions exist, with various price points… </li></ul><ul><ul><li>Microsoft ConfigMgr 2007 </li></ul></ul><ul><ul><li>Microsoft SCE 2007 </li></ul></ul><ul><ul><li>Altiris </li></ul></ul><ul><ul><li>Kaseya </li></ul></ul><ul><ul><li>Kace KBOX </li></ul></ul><ul><ul><li>Active Directory </li></ul></ul><ul><ul><li>PSExec </li></ul></ul>Free Not Free
    30. 30. GP Software Installation <ul><li>Group Policy Software Installation (GPSI) is no cost and arrives as a component of Active Directory </li></ul><ul><ul><li>Generally limited to MSI installations. </li></ul></ul><ul><ul><ul><li>ZAP files allow limited use of EXE installations. Programmatic. </li></ul></ul></ul><ul><ul><li>Challenging learning curve </li></ul></ul><ul><ul><li>(If not set up right) Eliminating GP can automatically uninstall software </li></ul></ul><ul><ul><li>No reporting component. No way to know where failures have occurred. </li></ul></ul><ul><li>… but, it is free. </li></ul>
    31. 31. GP Software Installation <ul><li>Four Steps to installing software via GPSI: </li></ul><ul><ul><li>Obtain a “silenced” MSI installation package </li></ul></ul><ul><ul><li>Create a software distribution shared folder </li></ul></ul><ul><ul><li>Create a GPO </li></ul></ul><ul><ul><li>Assign or Publish the software </li></ul></ul><ul><li>Assignment vs. Publishing </li></ul><ul><ul><li>When a package is Assigned , the software isn ’t downloaded and installed until its initial use. </li></ul></ul><ul><ul><ul><li>The user must click its icon to start the process. </li></ul></ul></ul><ul><ul><ul><li>Eliminates software that users don ’t use, but increases the time to start on first use. </li></ul></ul></ul><ul><ul><li>When a package is Published , it appears in Add/Remove Programs. </li></ul></ul><ul><ul><ul><li>The user must choose to “Install a program from the network” </li></ul></ul></ul><ul><ul><ul><li>You cannot Publish to Computer objects </li></ul></ul></ul>
    32. 32. DEMO Group Policy Software Installation
    33. 33. PSExec-based Installation <ul><li>The problem with GPSI is its reliance on Group Policy. </li></ul><ul><ul><li>Group Policy refresh intervals take time. </li></ul></ul><ul><ul><li>Little to no reporting capabilities. Hard to know where it worked and where it didn ’t. </li></ul></ul><ul><ul><li>Sometimes you just want to push immediately, without waiting, and without creating GPOs. </li></ul></ul><ul><li>PSExec is a remote command execution tool. </li></ul><ul><ul><li>Runs commands on remote systems as if they were local. </li></ul></ul><ul><ul><li>Clientless </li></ul></ul><ul><ul><li>Free </li></ul></ul><ul><ul><li>Part of the PSTools from Microsoft (formerly Sysinternals) </li></ul></ul><ul><ul><li>Any executable that you would run locally could be run remotely via PSExec. You just need to encode the executable properly. </li></ul></ul><ul><li>psexec computerName cmd </li></ul>
    34. 34. PSExec-based Installation <ul><li>Although PSExec was intended for running basic commands on remote computers, it can be used to invoke the Windows Installer. </li></ul><ul><li>psexec computerName “c:windowssystem32msiexec.exe” /i serverpackageSharesetup.msi </li></ul><ul><ul><li>Useful for onsey-twosey installs once packages are created. </li></ul></ul>
    35. 35. DEMO PSExec-based Installation
    36. 36. For Cost Solutions <ul><li>Both of these solutions suffer from limitations… </li></ul><ul><ul><li>They ’re relatively hard to use. </li></ul></ul><ul><ul><li>They are not inventory-based. </li></ul></ul><ul><ul><li>They have no reporting component. </li></ul></ul><ul><ul><li>There is little to no security & workflow associated with software distribution. </li></ul></ul><ul><li>For Cost Solutions exist that add these necessary features for the not-so-small environment. </li></ul><ul><ul><li>Microsoft ConfigMgr 2007, Microsoft SCE 2007, Altiris, Kaseya, Kace KBOX, others… </li></ul></ul><ul><ul><li>Prices range from “wow” to “HOLY WOW”. </li></ul></ul>
    37. 38. This slide deck was used in one of our many conference presentations. We hope you enjoy it, and invite you to use it within your own organization however you like. For more information on our company, including information on private classes and upcoming conference appearances, please visit our Web site, www.ConcentratedTech.com . For links to newly-posted decks, follow us on Twitter: @concentrateddon or @concentratdgreg This work is copyright ©Concentrated Technology, LLC