Backstory:
If you ever come across a scenario with SWV/SWS where you want to make absolute 100% sure certain file types, registry keys or folders never get lost inside of your virtual layers during deactivate, reset or deletion of the virtual layers, there is three ways to make sure of that as far as I know if we count Data Layer.
Normally all file types associated with your program gets excluded when we repackage that program if they resides under the registry location: HKLM\SOFTWARE\CLASSES\.”file-type”Example of files that will be excluded from Sas Enterprise Guide package.
Normally all file types associated with your program gets excluded when we repackage that program if they resides under the registry location: HKLM\SOFTWARE\CLASSES\.”file-type”Example of files that will be excluded from Sas Enterprise Guide package.
But sometimes you can save files from inside a package in other formats and if you really want to make sure files always exist on the system after your packages get removed, then you have to make sure all file types from the save as dialog is also excluded.
The easiest way to do that is with a new "virtual" package with ”Global excludes”, called GE in the rest of the article.
What is “Global excludes”?
GE is an option that will work across all virtual packages even if you haven’t made exclusions inside other packages and if there is file types, registry keys or folders from that list they will be saved in base layer (local file system c:\) when you reset or delete the package they exist inside.
Important note:
This can actually be overridden with each package since Symantec has made it possible to override the global exclude list with a tick box on every package. May come in handy if there is a certain package where this scenario don’t apply. Personally I haven’t seen any use of it yet, but it’s good to know.
How do you make Global Excludes?:
First you need to make an empty package with just an detection rule so ITMS will know if it exist on the system so it can be properly imported and installed.
When that is okay go to the tab called exclude entry’s.
We had some problems with our Office 2013 and 2016 packages, if users tried to save files to drives other than the system drive c:\ it would just fail because the filter driver would not work there.
So we started excluding all possible drive letters and sub-folders except c:\, this should be fixed now but from historic reasons we still exclude all drives from d:\ to z:\ just to be sure.
We also want to make sure files associated with Office like mailbox *.ost file exist in base folder all the time. Or else they tend to fail if other programs make use of them with integrations, and we want to make sure they never get deleted by other than by users or our own cleaup scripts (just keep in mind that, if you reload a virtual package later with the same files the will NOT be overwritten if you don’t script something for that, base layer files always win over files in virtual layers).
Examples of some of the filetypes assosiated with Office.
How to load the package “Global excludes”?:
Then we have to go into the Symantec composer and make 4 scripts to load Global excludes.
Settings from the 1 script:
Content of Event Scripts are stored under the registry location: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FSLX\Parameters\FSL] in hex format so we can’t read it directly from the registry file (I’m not that smart at least =).
Besides that my computer registry text is in Norwegian you can see the exclude path and filetypes.
All you need to do now is to make your changes in the package, and then export that part from the registry. Rename the two regfiles ExcludeDel and GlobalExclude and put them inside the meta folder in the package.Then compile package, import it on the computer you want to test it on.
When that is done, get it into production with ITMS.
That’s all for now guys, hope this will help you.
No comments:
Post a Comment