Deployment Plan for New Product - Guidance
Hi all,
I hope I can remember all the information to give you a good picture of my issue, but here goes....
We are planning on launching a new product in Q4 of '08, which is basically a server application with thin clients. On the Clients, there will need to be some components placed that deal with the integration of third party applications such as AutoCAD, Microsoft Excel, etc. The question is, what is the best mechanism to get these components to all workstations/clients with as little intervention as possible?
Here are the early requirements for the install:
1) Ease of installation/un-installation
2) Little or No End User Interaction
3) No Need to Have Admin Rights on Target (this is the biggy)
4) No Need to Reboot Target
5) Self Update when Newer Versions Available
-with ability to disable self update
-with ability to force update if so desired
-with ability to dictate update source location.
I'm thinking that the big obstacle, initially, will be #3. I think the powers that be want the installation to install without having to have Admin Rights on the target machines. With this said, I don't know what the actual footprint of the integration components will be (Program Files, System32, HKLM, etc) so I guess its hard to say at this point what to do here.
Initially, the lead developer suggested ClickOnce deployment, but I think this has some limitations regarding where 'stuff' can be placed, written, etc, correct? I did read that you can prevent having to supply credentials if the package is digitally signed with a valid certificate and this certificate has been distributed to the clients/workstations via Group Policy. Is this correct? I'm just wondering if this would be the way to go even if items have to be placed in restricted areas of the File System or Registry.
If Group Policy is involved in making ClickOnce function as required, I'm wondering if I could just use Group Policy to distribute an .msi that we might come up with for these components. I believe I can, but I'm just wondering if this would be best suited for our plans and would be something to look into further.
I guess I should also make mention of the possible hardware configurations that may house the new product....
-File server (vault), web server, application server, database all hosted by our company ‘in the cloud’
-File server (vault) at customer site(s), web server, application server, database hosted by our company ‘in the cloud’
-All servers at customer site
I know there are some third party distribution/deployent products out there that end users would be able to purchase, but I'm wondering what Microsoft technologies might be available with no added monetary deployment cost(s) for the user.
I'm the guy at our company that creates the actual installations (.msi's), but I really don't know anything about network deployment technologies so I guess I have to learn fairly quickly.
Any help, advice, points to information would be greatly appreciated! I read a bit about ClickOnce and I'm currently reading up on Group Policy. If I'm wasting my time with these, please let me know that as well.
Thanks in advance and I'm eagerly looking forward to some responses!
I hope I can remember all the information to give you a good picture of my issue, but here goes....
We are planning on launching a new product in Q4 of '08, which is basically a server application with thin clients. On the Clients, there will need to be some components placed that deal with the integration of third party applications such as AutoCAD, Microsoft Excel, etc. The question is, what is the best mechanism to get these components to all workstations/clients with as little intervention as possible?
Here are the early requirements for the install:
1) Ease of installation/un-installation
2) Little or No End User Interaction
3) No Need to Have Admin Rights on Target (this is the biggy)
4) No Need to Reboot Target
5) Self Update when Newer Versions Available
-with ability to disable self update
-with ability to force update if so desired
-with ability to dictate update source location.
I'm thinking that the big obstacle, initially, will be #3. I think the powers that be want the installation to install without having to have Admin Rights on the target machines. With this said, I don't know what the actual footprint of the integration components will be (Program Files, System32, HKLM, etc) so I guess its hard to say at this point what to do here.
Initially, the lead developer suggested ClickOnce deployment, but I think this has some limitations regarding where 'stuff' can be placed, written, etc, correct? I did read that you can prevent having to supply credentials if the package is digitally signed with a valid certificate and this certificate has been distributed to the clients/workstations via Group Policy. Is this correct? I'm just wondering if this would be the way to go even if items have to be placed in restricted areas of the File System or Registry.
If Group Policy is involved in making ClickOnce function as required, I'm wondering if I could just use Group Policy to distribute an .msi that we might come up with for these components. I believe I can, but I'm just wondering if this would be best suited for our plans and would be something to look into further.
I guess I should also make mention of the possible hardware configurations that may house the new product....
-File server (vault), web server, application server, database all hosted by our company ‘in the cloud’
-File server (vault) at customer site(s), web server, application server, database hosted by our company ‘in the cloud’
-All servers at customer site
I know there are some third party distribution/deployent products out there that end users would be able to purchase, but I'm wondering what Microsoft technologies might be available with no added monetary deployment cost(s) for the user.
I'm the guy at our company that creates the actual installations (.msi's), but I really don't know anything about network deployment technologies so I guess I have to learn fairly quickly.
Any help, advice, points to information would be greatly appreciated! I read a bit about ClickOnce and I'm currently reading up on Group Policy. If I'm wasting my time with these, please let me know that as well.
Thanks in advance and I'm eagerly looking forward to some responses!
0 Comments
[ + ] Show comments
Answers (2)
Please log in to answer
Posted by:
Superfreak3
16 years ago
Also, any points to third party products in addition to any Microsoft deployment technologies that may be available for my purpose(s) would be greatly appreciated!
Thanks!
Thanks!
Posted by:
yarborg
16 years ago
If the product is going to customers outside your control then GPO and digitally signed certs is not a good idea. Mainly because you would have to engage several people of the other company that normally don't deal with software deployment. Also, you open yourself to more potential problems as I believe this is only good for XP+ systems. It also introduces more complexity into your solution which isn't a good selling point.
Most apps written today (especially .Net ones) will install and run without admin rights. The HKLM\Software and HKCU hives are pretty open by default so any settings in there are accessible\writtable by default users. MSI installations will also write to several other places in the registry and usually don't have any issues installing as a normal user. It's when you try to write icons to the "All Users" profile or something similar that you run into issues.
The draw back of Click Once and auto-updating features is that it may not suit every company. Many companies for example want to update all software through their own scheduled process. Also, if you are deploying from the internet you will run into some trust issues with clients and that's where the certs come into play. Make sure there is a way to opt out of the click once and autoupdating installation features for the customers sake. For the initial rollout make sure that you encourage customers to deploy the software to their systems vs sending out an email to the users to do it themselves. You will save some headaches down the road by making sure everyone is deployed to the same way. If only a few customers in a company will be using the software then having them install it as necessary is fine. However, I personally would prefer to just tell someone to download and install the application. Instead of click once it can be "Click-Next" technology...because that is what people do with traditional installations...just click "Next". ;-) Just do your testing before hand to make sure that the MSI installs and the app runs as a normal user.
Also, depending on the frequency of updates in your application you may want to look again at EXE or scripted installations. They are typically easier to update than MSI's and they don't leave as large of a footprint during installation. If you run into issues installing the MSI as a normal user, switch to an exe installation and see if it helps.
And for your customers that may want to deploy this software but don't have a method of doing so, I recommend the Install Solutions tools. Check out the Remote Software Installation Utility.
I hope that helps. Let us know what the final solution is.
Most apps written today (especially .Net ones) will install and run without admin rights. The HKLM\Software and HKCU hives are pretty open by default so any settings in there are accessible\writtable by default users. MSI installations will also write to several other places in the registry and usually don't have any issues installing as a normal user. It's when you try to write icons to the "All Users" profile or something similar that you run into issues.
The draw back of Click Once and auto-updating features is that it may not suit every company. Many companies for example want to update all software through their own scheduled process. Also, if you are deploying from the internet you will run into some trust issues with clients and that's where the certs come into play. Make sure there is a way to opt out of the click once and autoupdating installation features for the customers sake. For the initial rollout make sure that you encourage customers to deploy the software to their systems vs sending out an email to the users to do it themselves. You will save some headaches down the road by making sure everyone is deployed to the same way. If only a few customers in a company will be using the software then having them install it as necessary is fine. However, I personally would prefer to just tell someone to download and install the application. Instead of click once it can be "Click-Next" technology...because that is what people do with traditional installations...just click "Next". ;-) Just do your testing before hand to make sure that the MSI installs and the app runs as a normal user.
Also, depending on the frequency of updates in your application you may want to look again at EXE or scripted installations. They are typically easier to update than MSI's and they don't leave as large of a footprint during installation. If you run into issues installing the MSI as a normal user, switch to an exe installation and see if it helps.
And for your customers that may want to deploy this software but don't have a method of doing so, I recommend the Install Solutions tools. Check out the Remote Software Installation Utility.
I hope that helps. Let us know what the final solution is.
Rating comments in this legacy AppDeploy message board thread won't reorder them,so that the conversation will remain readable.