Automate Application creation in ConfigMgr with Powershell

Automate Application creation in ConfigMgr with Powershell

In my previous post i wrote about a convoluted way of hiding credentials whereever possible when working with Task Sequences. Fortunately, this entire solution became obsolete when Microsoft decided to offer to mask sensitive data in a Task Sequence with a mere checkbox. First in the 1804 preview, then in release with 1806.

This time, i’d like to share something that is a little less situational. It’s a Powershell script to create Applications and (almost) everything with it. There are plenty similar scripts around on Technet or so, so you may wonder: what makes this one so different? Honestly, probably not that much. If anything, it would be its flexibility and ease of use as you can basically go through it with just a few mouse clicks. It evolved from simply automating repetitive tasks to a handy tool that I use at pretty much all my customers.

 

What does it do:

Depending on the specified parameters it will;

  • Create an Application in an optional specific folder within the ConfigMgr console.
  • Create either a script-based or MSI-based Deployment Type for that Application, including its Detection rule.
  • Create an AD Group with a Prefix based on your naming-convention.
  • Link this Group to an ‘All Apps’ Group, so an admin or device in this group has access to all created apps in one go.
  • Create either a User or Device Collection in an optional specific folder within the ConfigMgr console.
  • Create a Membership rule for said Collection based on the AD Group created earlier.

Once executed (without any parameters), it will load the required modules and prompt you to browse to an installation file.
If you select an MSI file and you have an icon file in your source folder, the script will do everything else. If there’s no icon file; it will ask you to select one. Though you can cancel the prompt and ConfigMgr will use the rather ugly default icon.
If you select a .cmd or .ps1 file, the script will prompt you for an uninstall file and a detection script file. And again an optional extra prompt for an icon file.

 

What doesn’t it do:

It does not create Deployments. When i get around to it i’ll probably add a switch for that too. But since in most cases deployments need to be tested first, so far I’ve always preferred to create these manually.

It has no option to remove stuff. I may or may not integrate that into this script. For now, automating cleanup is something for a future blog post 🙂

 

Requirements:

  • you have your content share set up in a specific way:
    \\server\share\folder\AppVendor\AppName\Version\Bitness(Optional)
    This is needed because the script will fill in several fields such as Manufacturer, Name and Version based on this folder structure. This is then also used to create AD Groups and/or Collection name.
  • you have the ConfigMgr Cmdlets available or installed,
  • you have the AD Cmdlets available or installed,
  • you prepare your (script-based) Application properly.
    In most cases, all you’ll need is an install, uninstall and detection script. For MSI-based installers you have the option to specify arguments or let the script handle everything for you.
    Ideally, you also have an icon file present that is, at the time of writing, no larger than 250x250px.

For example, you could have the following files;

install.cmd:
Calling Setup.exe with some silent parameter from the same folder as the batch file:

 

uninstall.cmd:
Calling Setup.exe with some silent parameter from the same folder as the batch file:

 

detect.ps1:
Most properly built installers will write their application info to this location so that it shows up in Add/Remove Programs in Windows. So its fairly reliable to detect a successful installation. You can make your detection as complex as you want. Just make sure the script ends with an exitcode 0 and non-error string. We only return a True and no False (or any other string), as doing so would be picked up by ConfigMgr as a failure.  See this documentation over at Microsoft for valid return values.

Note that 32-bit software on a 64-bit system will redirect to HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall’.

 

The script:

For ease of use, you may want to check some parameter defaults and edit them to match your environment. Most notably the AppPath and GroupOU parameters.


If you have any questions or comments, i’d be happy to hear them.

Migrate App-V Usersettings

This blog is about migrating settings from an App-V 4.x package to any other installation. Is it possible if you leave the settings location the same? I think it is.

First a little intro about my thought’s on settings. When you work as an Application administrator or Application packager you often think about application settings. The settings control the connections to a Database, fileserver, backendserver, data save locations and settings that users want to create for themselves.

You can help your enduser, and yourself, by thinking about these settings in advance. Server settings, company settings and datapath’s  should be predefined when a user fist starts the application. Most of the times these settings are saved in the Registry, ini files and configfiles. Alluser config can be found in the HKLM part of the registry or the installfolder. Usersettings wil be saved in HKCU or Appdata folder. Of course, this all depends on the application.

How to control the user settings depends on the type of package you use and what kind of environment you are packaging for. Most commonly used packaging ways are;

  • App-V, settings are recorded and sometimes controlled by prelaunch scripts
  • MSI, Settings are recorded and sometimes controlled by Custom actions
  • Local installations (setup.exe), settings can be created by using response files or can be set by install-scripts, Group Policies Preferences etc.
  • The backend server contains userprofiles with settings.

If you have an environment with Immidio Flex, RES workspace manager, Microsoft UE-V or another solution that can manage your settings you should use them. In this case you can leave you package clean and manage the settings  for you client application by your solution.

But now back to App-v , without a user environment tool. When you create an app-v package you can predefine some settings. You should turn off autoupdates, configure licensefiles, serverconnections and the default data path for the users data files if possible.  This way, the user isn’t bored by these configure actions. Currentuser settings can be done by a prelaunch script.

If the user changes settings after launching the application, like the color of the text, this is saved in the userprofile. The settings are saved in an PKG file. This file can’t be read but will contain al the changes a user makes. This file will roam with the user to any system where the same App-V package is started.

This works great. The problem starts when a major application upgrade or change occurs. Think about.

  • New software version (when update package isn’t the way)
  • Converting from App-V to a MSI (local install). Yes it happens..
  • Migrating to App-V 5

Of course you should predetermine all the common settings. But settings changed by the user, which all  will be stored in the PKG file, will be gone when changing and/or upgrading! The user will not be pleased with this result.

How can we make this easier for the user?

  • Sometimes we cannot. Maybe the new version can’t deal with the settings from the old version..
  • With tools that can manage usersettings (Microsoft UEV, Immidio Flex, RES workspace manager)
  • With scripts

I created this post for environments without a user setting management tool. My solution is creating an App-V shutdown powershell script. Of course this must be adapted to your application needs. So the idea is.

  • On application shutdown export the settings to the user homedir
  • Configure the new application to import the settings from the user homedir (once)

For example, my customer has an application that appears to run badly within App-V with a certain version. A new package/installation is created. But while testing the users did lose a lot of settings.  It appears that the user can do a lot of personal tweaking in the application. So I created the following.

Environment:
-App-V 4.6

Application settings:

Managed by App-V client (PKG)

Settings that must be migrated

AppData\MyApp\UserFiles
HKCU\Software\MyApp\UserSettings

Step 1: Export the settings from the old package

In the OSD file from the old package add the following code

<DEPENDENCY> <SCRIPT EVENT="SHUTDOWN" TIMING="POST" PROTECT="TRUE" WAIT="TRUE" TIMEOUT=""> <HREF>"powershell.exe" -file .ExportSettings.ps1"</HREF> </SCRIPT> </DEPENDENCY>

The Exportscript can be placed on any place. Maybe the best way is placing it within the package on the app-v drive.

Step 1a: The export script

Steps are:

  • Export AppData\Application1\UserFiles\
  • Export HKCU\Software\ Application1\UserFiles\UserSettings
  • Create logfile

Step 2a: Import the settings into the new package

Add the following in you new app-v package (or start up script for local installs..)

<DEPENDENCY> <SCRIPT EVENT="LAUNCH" TIMING="POST" PROTECT="TRUE" WAIT="TRUE" TIMEOUT=""> <HREF>"powershell.exe" -file .ImportSettings.ps1 "-</HREF> </SCRIPT> </DEPENDENCY>

Step 2b: The import script

Steps are:

  • Import if check file doesn’t exist AppData\Application1\UserFiles\
  • Import if check file doesn’t exist HKCU\Software\ Application1\\UserFiles\\UserSettings
  • Create logfile and checkfile.

ImportSettings.ps1 content

App-V 5

In my next post I will test this solution in App-V 5. My guess is that it wil work. App-V 5 stores usersettings in:

%appdata%\Microsoft\appV
and
HKCU\Software\Microsoft\AppV

But when you start the application the settings are translated. So, appdata will become the normal appdata location. But it will only exist if the package is started. So the trick is “Run the importscript when the package is started but BEFORE the application is launched”. So I need to figure out how the pre-launch script works in App-V 5.

To be continued…

Cheers