Recently I did
a big detective job in the organization I work for. I
We wanted to find all the applications used today that utilize the old .NET Clickonce deployment technology from Microsoft.
For those
who don’t know, Clickonce is a Windows-based appinstaller format that can be installed and run with
minimal user interaction. See more information about them here.
Locating all
the ClickOnce applications is a pain since they are installed into a user
profile when the app is started. So first I had to search through all our computers
looking for content under the following folder structure:
%localappdata%\Apps\2.0\<random folder>\<random app id>.
<random folder> is constructed from the
first 11 characters from the following user registry key:
HKCU\Software\Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\ComponentStore_RandomString
More details about
ClickOnce:
ClickOnce
can be delivered using the following methods:
·
From
a webpage
·
A
network share,
·
Legacy
medium like a CD-ROM/USB.
The developer can specify the update behaviour
to self-update by checking for new versions when the app is started or closed, and
automatically replace any updated files.. A network
administrator can also control update strategies, for example, marking an
update as mandatory. Updates can also be rolled back to an earlier version by
the end user or by an administrator. They can be locally installed so they work
even if the computers are offline, or they can be in an online-only mode
without permanent installing anything on the end user’s computer.
Pros:
·
Makes
it easy to update applications for the developers. And best of all, only those
parts of the application that have changed are downloaded, and the full,
updated application is reinstalled from the new side-by-side folder.
·
Low
impact to the user’s computer. Each app is self-contained and cannot interfere
with other applications.
·
Security
permissions: ClickOnce enables non-admin users to install and then grants only
those Code Access Security permissions necessary for the application
Cons:
·
Per-User
installs must be installed for every user that need that program. Not very well
suited for VDI/Terminal servers since it will have to be downloaded and installed
every time a new user logs into that machine. You can then think of all the wasted
CPU cycles, bandwidth, disk usage and time waiting for them to be installed…
·
Can
potentially create uninstall problems since they can only be removed correctly
if the user who installed it is logged on to the computer, have also seen
scenarios where they break and can’t be uninstalled correctly
·
No
native silent install and uninstall commands
·
Not
a very god candidate to virtualize with AppV for the following
reason:
o
AppV won’t let you write new executable files like
.EXE, .DLL or scripts into the package after sequencing is finished, so we are
not in charge of the update process if the developer release a new version of
the application and it tries to auto update.
o
The
random number registry string can change, so it can’t be static.
How to make a silent
installer and uninstaller for automating ClickOnce applications:
As mentions
above, I wanted to fully automate ClickOnce installations by making them completely
silent, but out of the box there is no method to deliver and uninstall them
without a logged-on user clicking the Install button in the install box.
After some
googling I found a small program on github called “SilentClickOnce” claiming to do so.
This program
was derived from some old Microsoft Code. The program is even compiled as an .EXE file
if you don’t know how to compile with Visual Studio.
Silent Install:
I use the Microsoft
ClickOnce application Sara as an example, before you can automate ClickOnce
applications you need to open the .application file in notepad.
This will
reveal the following:
“https://outlookdiagnostics.azureedge.net/sarafiles/Microsoft.Sara.Prod.application?usergroup=Prod&Ring=Prod&symptomid=7DEB9E4F-B4CA-48C4-AA75-F21B4B25B888#Microsoft.Sara.application,
Culture=neutral, PublicKeyToken=deffc2c208a0af39, processorArchitecture=msil”
There you
can see the url and the application name “Microsoft.Sara.Prod.application”
we will need for automating this install.
Install example:
SilentClickOnce.exe
-i
"\\192.168.1.2\apps\MyApp\MyApp.application" > MyApp.log
A working example I made, including username
in the logfile:
SilentClickOnce.exe
-i "https://app/app.application" >"c:\temp\Install.appname.%username%.log"
Silent Uninstall:
I could not get the
uninstall parameter -u to work as expected with silentclickonce,
so again I searched the internet for a working Uninstaller, and I got lucky here:
This code was
unfortunately not compiled as an .EXE file. So, you must search for someone who
have compiled it or try to figure it out with Visual Studio.
Uninstall
example:
ClickOnceUninstaller.exe
"appname" (You must search for DisplayName
in the user registry after you install your application for your "appname" parameter)
Working example:
ClickOnceUninstaller.exe "appname Office" > "c:\temp\uninstall.appname
Office.%username%.log"
Yet another Silent
uninstall method:
Unfortunately,
developers can choose to configure applications for “Online Only” mode, it will
not create the uninstall registry key then. One way to check if the application
is in online mode is by downloading Microsoft Mage.exe tool from here and open the .application url,
or the .xbap file from the tool, if you look at the
picture, Application Type will then say “Online Only” in the manifest file:
The only
way I have found to remove applications from the cache when in onlinemode is to run the following command: "rundll32 %windir%\system32\dfshim.dll CleanOnlineAppCache"
(same as Mage.exe -cc)
Beware that this command will remove
all “Online
Only” mode applications from that user’s cache, and they must be reinstalled
again.
VSTO ClickOnce silent install
for Office plugins:
ClickOnce
can also be used to install Microsoft VSTO Office Add-ins for certain users. If
we want to automate this, we can then follow the short tutorial I made.
If you want
to test it yourself, there Is a plugin called spotlight hosted on amazon you can download for
free and test.
How to silently install an unsigned VSTO
file:
1. On your reference computer, install
the VSTO file manually.
2. Export the following information
from registry:
[HKEY_CURRENT_USER\Software\Microsoft\VSTO\Security]
Look for a GUID\NUMBER, everything like URL and Public Key must also be exported.
3. Create a script that that applies
the registry file, exported in step 2.
REGEDIT /S REGFILE.REG
4. Install the VSTO file with the
following syntax:
"C:\Program
Files (x86)\Common Files\Microsoft
Shared\VSTO\10.0\VSTOInstaller.exe" /i http://PathToVSTO/Vstofile.vsto /s
5. Uninstall the VSTO file with the following
syntax:
"C:\Program
Files (x86)\Common Files\Microsoft
Shared\VSTO\10.0\VSTOInstaller.exe" /uninstall http://PathToVSTO/Vstofile.vsto /s
6. Then you must delete the program
registry key from the following registry location:
[HKEY_CURRENT_USER\Software\Microsoft\VSTO\Security]
if it exists.
Using AppV
to deliver ClickOnce applications:
Creating pure virtual
packages:
As
mentioned before ClickOnce is not the best technology for pure AppV packages, mostly because of the way it can auto update,
and the way install folders can randomly change. If the application tries to
update executable files inside the virtual package it will fail bigtime.
And that’s
because AppV packages is fully write-protected after
the Sequenced virtual package is saved, even if enable VFS mode is on.
If you are lucky
and have an open dialog with the vendor, they can configure the app to locally
install so it works even if the computers are offline. If it’s in pure online mode,
you can get a notice before they update to a new version. This way you can automate
the installation of a pure virtual package with the silent install methods I wrote
about before in this blogpost.
The best
way doing this is to Sequence new versions using the Microsoft Autosequencer, and deploy it as fast as possible.
How to create a user publishing script to deploy the application:
If you only
want to automate the silent install/uninstall part, but don’t care about files
in the native OS you can just script the installation using AppV.
Upload the “SilentClickOnce.exe”
into the script directory of your AppV package and
created a folder in the VFS with a dummy file so the package can be saved.
I made a batch
file called “Install.cmd” and pasted the silent install parameter into that
file.
SilentClickOnce.exe
-i "https://url.appname.application" >"c:\temp\Install.programname.%username%.log"
All the package
settings are displayed in the picture bellow. You can also make the script with
PowerShell, VBS or compile it into an .EXE file if you need it completely
silent.
How to create a user unpublishing
script to remove the application:
Upload the
“ClickOnceUninstaller.exe” into the script directory of your AppV package and created a folder in the VFS with a dummy
file so the package can be saved.
I made a
batch file called “uninstall.cmd” and pasted the silent remove parameter into
that file.
ClickOnceUninstaller.exe "Programname" > "c:\temp\uninstall.programname.%username%.log"
All the
package settings are displayed in the picture bellow. You can also make the
script with PowerShell, VBS or compile it into an .EXE file if you need it
completely silent.
And when the AppV
package is published to users a shortcut will magically appear on the desktop
afterwards. And an unpublish would remove it just like that.
And as always, hope this will be of
help to someone 😊
No comments:
Post a Comment