Presentation is loading. Please wait.

Presentation is loading. Please wait.

Customizing Installers for OpenAFS and MIT Kerberos for Windows Asanka C Herath Secure Endpoints Inc.

Published byEdward Isaac Rich Modified over 9 years ago

Similar presentations

Presentation on theme: "Customizing Installers for OpenAFS and MIT Kerberos for Windows Asanka C Herath Secure Endpoints Inc."— Presentation transcript:

1 Customizing Installers for OpenAFS and MIT Kerberos for Windows Asanka C Herath Secure Endpoints Inc.

2 WHY TRANSFORMS?

3 Original installer.msi Transform 1.mstCustomized Installer 1.msi Transform 2.mstCustomized Installer 2.msi New installer.msi Transform 1.mstCustomized New Installer 1.msi Original installer.msi

4 Transforms are … Packaged customizations – Can be applied to newer installers – Manage and document Supported – Used with Group Policy software assignment

5 ESSENTIAL WINDOWS INSTALLER Not a complete Windows Installer guide

6 Refer to the Windows Installer documentation on Microsoft Developer Network or the Windows Platform SDK Documentation for more details

7 Windows Installer Packages are … Based on a relational database model – Each installer ‘database’ contains information and data files used to install a product Declarative Organized into features and components

8 A Component A piece of an application that is versioned and installed as a coherent whole.

9 A Component Identified by a GUID {E353AA81-667F-44a1-8C04-133FCDD42E5E}

10 A Component Can contain a single file, a group of files, a file and a group of registry settings, a single registry setting, a shortcut, etc… File A Registry setting 1 Registry setting 2 {E353AA81-667F-44a1-8C04-133FCDD42E5E}

11 A Component Has a “key path” File A Registry setting 1 Registry setting 2 {E353AA81-667F-44a1-8C04-133FCDD42E5E}

12 A Component Can be shared across features, products and companies

13 A Component Has rules … (In brief, from ‘Windows Installer Components’, Microsoft Developer Network Library) 1.Each component must be stored in a single directory. 2.No file, registry entry, shortcut, or other resources should ever be shipped as a member of more than one component. This applies across products, product versions and companies. 1.Each component must be stored in a single directory. 2.No file, registry entry, shortcut, or other resources should ever be shipped as a member of more than one component. This applies across products, product versions and companies.

14 A Feature A high-level user-visible hierarchical grouping of components and other features

15 Features and Components afsd_service.exe afslogon.dll Service install for TransarcAFSDaemon HKLM\...\WinLogon\Notify\..., DLLName HKLM\...\WinLogon\Notify\..., Startup

16 Properties Are strings Can be specified at runtime or via a transform – Only “public” properties can be specified at runtime Can be used to condition the installation of components

17 TRANSFORMS Customization via

18 How transforms work Installer databases consist of a ‘relational- type’ database and an associated file storage. – OpenAFS for Windows and MIT Kerberos for Windows use cabinets. A transform is a set of changes that is made to the database contents. The file storage is unaffected.

19 Making a transform Make a copy of the original Make any required changes to the copy ‘Diff’ the two or Use ORCA.exe to edit and generate the transform…

20 Ingredients Windows Installer SDK (Part of the Windows SDK) – ORCA.exe – MsiTran.exe (optional) – MsiDb.exe (optional) – WiLstXfm.vbs (optional) Original MSI installers

21 CUSTOMIZATION USING PROPERTIES A walkthrough

22 1/3

23 2/3

24 3/3

25 Original installer.msi Transform.mst

26 Modified installer.msi Transform.mst Original Installer.msi Transform.mst Modified Installer.msi Original installer.msi msitran -g OriginalInstaller.msi ModifiedInstaller.msi Transform.mst copy OriginalInstaller.msi ModifiedInstaller.msi msitran -a Transform.mst ModifiedInstaller.msi copy OriginalInstaller.msi ModifiedInstaller.msi msitran -a Transform.mst ModifiedInstaller.msi

27 ADDING REGISTRY KEYS A walkthrough

28 Overview OpenAFS – Add a set of domain specific registry keys to enable integrated logon for EXAMPLE.COM realm.

29 HKLM\...\TransarcAFSDaemon\NetworkProvider\Domain\EXAMPLE.COM LogonOptions = 1 According to Appendix A section 2.1 of the OpenAFS for Windows Release Notes.

30 HKLM\...\TransarcAFSDaemon\NetworkProvider\Domain\EXAMPLE.COM LogonOptions = 1 Creating the key becomes a separate registry entry. HKLM\...\TransarcAFSDaemon\NetworkProvider\Domain\EXAMPLE.COM (Create key)

31 HKLM\...\TransarcAFSDaemon\NetworkProvider\Domain\EXAMPLE.COM LogonOptions = 1 We need a component to hold the registry entries. (Don’t forget the key path and GUID) HKLM\...\TransarcAFSDaemon\NetworkProvider\Domain\EXAMPLE.COM (Create key)

32 HKLM\...\Domain\EXAMPLE.COM LogonOptions = 1 Create a new feature to keep our component separate from the rest of the feature-component hierarchy. HKLM\...\Domain\EXAMPLE.COM (Create key)

33 HKLM\...\Domain\EXAMPLE.COM LogonOptions = 1 Attach the feature to the rest of the feature-component hierarchy. HKLM\...\Domain\EXAMPLE.COM (Create key) Client OpenAFS

34 HKLM\...\Domain\EXAMPLE.COM LogonOptions = 1 And again from the top, but this time with Windows Installer tables … HKLM\...\Domain\EXAMPLE.COM (Create key)

35 HKLM\...\Domain\EXAMPLE.COM LogonOptions = 1 Component (Attributes value 4 = msidbComponentAttributesRegistryKeyPath) HKLM\...\Domain\EXAMPLE.COM (Create key)

36 HKLM\...\Domain\EXAMPLE.COM LogonOptions = 1 FeatureComponents HKLM\...\Domain\EXAMPLE.COM (Create key)

37 HKLM\...\Domain\EXAMPLE.COM LogonOptions = 1 Feature (Attribute value 10 = msidbFeatureAttributesFollowParent + msidbFeatureAttributesDisallowAdvertise) HKLM\...\Domain\EXAMPLE.COM (Create key) Client OpenAFS

38 REPLACING CONFIGURATION FILES A walkthrough

39 Overview OpenAFS – Replace the CellServDB in the installer with a custom file.

40 A problem Since Windows Installer transforms do not change the embedded cabinet or source files, we can’t change the CellServDB that is included in the installer.

41 A solution Block the CellServDB file in the installer Include a new CellServDB file – We can either embed the new CellServDB file in the installer or we can place it in the same location as the installer.

42 The ‘Condition’ column

43 Non-existent or empty properties evaluate to FALSE.

44

45 Client OpenAFS CellServDB File table (Attribute 8192=msidbFileAttributesNoncompressed)

46 Client OpenAFS CellServDB Component table (Attributes value 144 = msidbComponentAttributesPermanent + msidbComponentAttributesNeverOverwrite)

47 Client OpenAFS CellServDB Media table (LastSequence = sequence number of last file in media. The value of 1000 makes this the source media for the newly added CellServDB file.)

48 RESOURCES Useful

49 Useful Resources Windows Installer documentation OpenAFS for Windows release notes MIT Kerberos for Windows MSI Deployment Guide

50 Q?

51 THANK YOU Asanka C. Herath Secure Endpoints Inc.

52

Download ppt "Customizing Installers for OpenAFS and MIT Kerberos for Windows Asanka C Herath Secure Endpoints Inc."

Similar presentations

Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
System Center Configuration Manager Push Software By, Teresa Behm.

System Center Configuration Manager Push Software By, Teresa Behm.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
11.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

11.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.

Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Administering Active Directory

Administering Active Directory
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
Lesson 18: Configuring Application Restriction Policies

Lesson 18: Configuring Application Restriction Policies
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.

1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.
Application Repackaging - Naushad Ali T Doddamani.

Application Repackaging - Naushad Ali T Doddamani.
© N. Ganesan, Ph.D., All rights reserved. Active Directory Nanda Ganesan, Ph.D.

© N. Ganesan, Ph.D., All rights reserved. Active Directory Nanda Ganesan, Ph.D.
Performing Software Installation with Group Policy

Performing Software Installation with Group Policy
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.
Advanced Deployment Topics – MSI Enhancements Om Sharma Program Manager, Windows Installer Microsoft Corporation.

Advanced Deployment Topics – MSI Enhancements Om Sharma Program Manager, Windows Installer Microsoft Corporation.
Understanding Active Directory

Understanding Active Directory

Similar presentations

Ads by Google