BriForum | © TechTarget
Welcome
Kevin Kaminski
Principal Consultant
Big Hat Group Inc. &
CoreTech Staffing and Professional Services
Advanced Sequencing with App-V
Agenda
● What is an Application
● State Separation (aka Application Virtualization)
● Application Compatibility Shims
● Using Shims with App-V
● Overcoming Device Driver Issues with App-V
● Overview of Procmon
● Using Procmon with App-V
What is an Application?
Applications and the Operating System
State Separation (aka Application Virtualization)
Application Compatibility Shims
● Built-in operating system feature
● Users can set compatibility levels for specific applications
What is a Shim?
Application Compatibility Shims
● Applies to applications that use the Windows Portable Executable format.
● Most PE executables use one or more DLLs.
● When each application is launched the system checks to see if one or more shims are required.
● If one or more shims are required the behavior of one or more DLLs is altered.
What is a Shim?
Application Compatibility Shims
● In order to link executables to DLLs a mapping is created called the import address table.
● The import address table is built at launch time to create mappings between the PE executable and its required DLLs.
● All DLLs are loaded into memory at this time.
● Any shims that need to be applied are loaded as the import address table is built.
Shimming: Under the Covers
Application Compatibility Shims
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
The Operating System Components
Dependency Walker Trace
Demo Time!
The Shim Engine without App-V
The Shim Engine without App-V
The Shim Engine with App-V
The Shim Engine with App-V
App-V and Shims
● Installation
- SDBInst.exe -n "<SDB Filename>"
- Standard User Analyzer Wizard MSI
● Delivery
- Install as a dependency via systems management tool.
- Implement as a script inside the OSD
● Really? Your users should not be local administrators.
● If using the App-V management server to manage App-V apps, the coordination between management systems can be an issue.
Implementation Choices
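Whichever delivery route is used, the shim database ends up registered machine-wide, so it is worth confirming what is actually installed on a client. The following is an added example, not part of the original deck: it lists registered custom shim databases and the executables bound to them. The `InstalledSDB` and `Custom` subkeys under the AppCompatFlags key are assumed to follow the usual layout, and the allowlist entry is a constructed sample value.

```powershell
# Added example (not from the deck): list custom shim databases registered by
# sdbinst.exe and the executables they are bound to.
# Assumption: the usual AppCompatFlags layout, i.e.
#   InstalledSDB\{GUID}  values DatabasePath, DatabaseDescription, DatabaseInstallTimeStamp
#   Custom\<exe name>    one value per bound database, named "{GUID}.sdb"
$AppCompatRoot = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags'

function Get-ShimBinding {
    # Build a map of database GUID -> executable names found under the Custom key.
    $map = @{}
    $customKey = Join-Path $AppCompatRoot 'Custom'
    if (Test-Path $customKey) {
        foreach ($exeKey in Get-ChildItem -Path $customKey) {
            foreach ($valueName in $exeKey.GetValueNames()) {
                $guid = $valueName -replace '\.sdb$', ''
                if (-not $map.ContainsKey($guid)) { $map[$guid] = @() }
                $map[$guid] += $exeKey.PSChildName
            }
        }
    }
    return $map
}

function Get-InstalledShimDatabase {
    $bindings = Get-ShimBinding
    $sdbKey = Join-Path $AppCompatRoot 'InstalledSDB'
    if (-not (Test-Path $sdbKey)) { return }
    foreach ($key in Get-ChildItem -Path $sdbKey) {
        $props  = Get-ItemProperty -Path $key.PSPath
        $path   = $props.DatabasePath
        $onDisk = [bool]$path -and (Test-Path -LiteralPath $path)
        [pscustomobject]@{
            Guid         = $key.PSChildName
            Description  = $props.DatabaseDescription
            Path         = $path
            # The install timestamp is stored as a FILETIME value.
            InstalledUtc = if ($props.DatabaseInstallTimeStamp) {
                [DateTime]::FromFileTimeUtc([long]$props.DatabaseInstallTimeStamp)
            }
            # Hash the .sdb so it can be compared with the file the packager shipped.
            Sha256       = if ($onDisk) {
                (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
            }
            Executables  = $bindings[$key.PSChildName] -join ', '
        }
    }
}

# Hypothetical allowlist: descriptions of the databases your packaging team ships.
$Approved = @('Contoso LOB App Fixes')   # constructed sample value

Get-InstalledShimDatabase | ForEach-Object {
    $isApproved = $Approved -contains $_.Description
    $_ | Add-Member -NotePropertyName Approved -NotePropertyValue $isApproved -PassThru
} | Sort-Object Approved, InstalledUtc | Format-Table -AutoSize -Wrap
```

Reading these keys does not require administrator rights, so the same script can run as a compliance check from the systems management tool that delivers the database.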
“Shimming” a Virtual Application
Demo Time!
Device Drivers
● Runs in the kernel memory space
● Installers can vary
- EXE
- MSI
- No installer
● Provides functionality to communicate with hardware
- But not always the case i.e. Antivirus
● Not all drivers work with virtual applications
- i.e. how badly do you need this as a virtual application?
What is a device driver?
Device Drivers
● Driver Files
- .INF: Setup information file, can install programs as well
- .CAT: Signature files used to validate driver authenticity
- .EXE: Usually for end user interaction
- .DLL: Some drivers also contain libraries
- .SYS: The driver itself
- .PDB: Microsoft file format for storing debug information
What is a device driver?
Device Driver Interaction with App-V
Device Driver Interaction with App-V
Device Drivers
● DIFx
- Part of the Windows Driver Kit
- Free Download
● http://msdn.microsoft.com/en-us/windows/hardware/gg487428
● http://bit.ly/msdifx
- Local Location
● C:\WinDDK\7600.16385.1\redist\DIFx
Same Problem But Different Solution
Device Drivers
● DIFx
- DPInst.exe
● Simple, easiest to implement
● Command line or manual
- DIFx App
● MSI Merge Module
● .wixlib for WIX support
- DIFx API
● Developer interface only
Same Problem But Different Solution
Device Drivers
● Simple Install: DPInst.exe /s
● Other flags:
- /lm – Legacy mode, accepts unsigned drivers
- /path – If drivers are not in the current working directory
- /sa – Suppresses adding an entry to Programs and Features
- /se – Suppress EULA, works with /s or /q
- /sw – Suppresses the wizard, only works with /se
- /u – Supply the .inf file and this flag uninstalls the driver
DPInst.exe Command Lines
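Because /lm makes DPInst accept unsigned drivers, a silent deployment is better gated on a signature check than on that flag. The following is an added example, not part of the original deck: it checks each .inf in a harvested driver folder for a declared, present and validly signed catalog before calling `DPInst.exe /s`. The folder path and the DPInst.exe location next to the script are assumptions.

```powershell
# Added example (not from the deck): check a harvested driver folder before
# handing it to "DPInst.exe /s", so that /lm is not needed.
# Assumption: each .inf names its catalog with a CatalogFile or
# CatalogFile.<platform> entry in its [Version] section.
function Test-DriverPackage {
    param([Parameter(Mandatory)][string]$Path)   # folder holding .inf/.cat/.sys files

    foreach ($inf in Get-ChildItem -LiteralPath $Path -Filter *.inf -Recurse) {
        $section  = ''
        $catalogs = @()
        foreach ($line in Get-Content -LiteralPath $inf.FullName) {
            $text = ($line -split ';', 2)[0].Trim()            # drop INF comments
            if ($text -match '^\[(.+)\]$') { $section = $Matches[1].Trim(); continue }
            if ($section -ieq 'Version' -and
                $text -match '^CatalogFile(\.\w+)?\s*=\s*(.+)$') {
                $catalogs += $Matches[2].Trim().Trim('"')
            }
        }

        if (-not $catalogs) {
            [pscustomobject]@{ Inf = $inf.Name; Catalog = $null
                               Status = 'NoCatalogDeclared'; Signer = $null }
            continue
        }

        foreach ($cat in $catalogs | Select-Object -Unique) {
            $catPath = Join-Path $inf.DirectoryName $cat
            if (-not (Test-Path -LiteralPath $catPath)) {
                [pscustomobject]@{ Inf = $inf.Name; Catalog = $cat
                                   Status = 'CatalogMissing'; Signer = $null }
                continue
            }
            # Authenticode check of the catalog itself (chain and trust included).
            $sig = Get-AuthenticodeSignature -LiteralPath $catPath
            [pscustomobject]@{ Inf = $inf.Name; Catalog = $cat
                               Status = [string]$sig.Status
                               Signer = $sig.SignerCertificate.Subject }
        }
    }
}

$driverFolder = 'C:\Drivers\Harvested'            # hypothetical folder
$results = @(Test-DriverPackage -Path $driverFolder)
$results | Format-Table -AutoSize -Wrap

if ($results.Count -eq 0) {
    Write-Warning 'No .inf files found; nothing to install.'
} elseif ($results | Where-Object { $_.Status -ne 'Valid' }) {
    Write-Warning 'Unsigned or incomplete packages found; fix these instead of using /lm.'
} else {
    # Assumption: DPInst.exe sits next to this script.
    & (Join-Path $PSScriptRoot 'DPInst.exe') /s /path $driverFolder
}
```

A valid catalog signature only shows that the catalog is trusted; Windows still checks the driver files against the catalog at install time.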
Device Drivers
● Rundll32.exe syssetup,SetupInfObjectInstallAction <INF File Section> <Flag> <Path to inf file>
● Rundll32.exe syssetup,SetupInfObjectInstallAction DefaultInstall 128 C:\<path to inf>
Flags:
4 Quiet Mode, no UI
8 Don't Run GrpConv
16 Force Self-Updating on User's System
32 Backup Data Before Install
64 Rollback to Previous State
128 Validate the Backup Data and Suppress Reboot
256 Complete Rollback to Previous State
512 Force Delay of OCX Registration
Run32.dll
Collecting Drivers
● Look for Vendor Installer
- Common for copy protection vendors
● Harvesting Drivers
- Install media
- Driver Magician
● Never after sequencing
● Make the vendor MSI / installer only install a driver
- Can be difficult or next to impossible
Different Approaches
Collecting and Installing Device Drivers
Demo Time!
Process Monitor (aka Procmon)
● An advanced logging tool for process and thread activity
- Registry access
- File access
- Network activity
- Time and duration of events (i.e. performance metrics)
What is it?
Process Monitor
● Regular Operation
- Administrator rights
- Rights to install device drivers
● Reading Logs (/openlog)
- Regular user ok
- Also remember /Run32 for opening 32-bit logs on a 64-bit system
Rights Requirements
Process Monitor
● Use the following command line to inject a command prompt
- "C:\Program Files (x86)\Microsoft Application Virtualization Client\sfttray.exe" /exe cmd.exe /launch "DefaultApp MFC Application 1.0.0.1"
- Best practice is to launch procmon and the App-V application using the command prompt
Monitoring Inside the Sequence
Process Monitor
● Or put a command prompt in the OSD (KB939896)
<SCRIPT EVENT="LAUNCH" TIMING="PRE" PROTECT="FALSE" WAIT="TRUE" TIMEOUT="0">
<SCRIPTBODY>cmd.exe</SCRIPTBODY>
</SCRIPT>
- Best practice is to launch procmon.exe with the start command then close the command prompt to launch the App-V application
Monitoring Inside the Sequence #2
Process Monitor
● Command Line
- Procmon.exe /externalcapture
● Best Visibility with /externalcapture
- Protect = TRUE with no /externalcapture: 430
- Protect = TRUE: 430
- Protect = False without /externalcapture: 430
- Protect = False with /externalcapture: 988
- Outside the sequence with /externalcapture: 988
Monitoring Outside the Sequence #3
Procmon
Demo Time!
Process Monitor
● /BackingFile – Uses a file for logging rather than memory
● /NoConnect – Don’t start monitoring on launch
● /AcceptEula – Get rid of EULA on first use
● /LoadConfig – Loads a saved configuration file
● /Profiling – Enables thread profiling
● /Minimized – Minimize procmon on startup
● /Quiet – Does not confirm filter settings on startup
Misc Procmon Command Line Flags
The End
● My Blog: www.myitforum.com/cs2/blogs/kkaminski
● My Twitter: @kkaminsk
● Application Compatibility Toolkit: http://bit.ly/msact56
● Application Verifier: http://bit.ly/appverify
● DIFx http://bit.ly/msdifx
● Process Monitor: http://bit.ly/procmon
● INF Files: Gosh’s site http://gosh.msfn.org/
● Sysinternals Administrator Reference: http://bit.ly/samref
Resources (… and question time)

Briforum2012 advanced appv-sequencing
