Embed Size (px)
Citation preview
Configuration Manager
Windows Store for Business und wie
brauchen wir ihn zum Arbeiten?
Was ist Project Centennial?
Mirko Colemberg
Pascal Berger
About me…
Mirko ColembergbaseVISION AG
Microsoft MVP: Enterprise Mobility
Contact MeTwitter: mirkocolembergBlog: http://blog.Colemberg.ch/Mail: [email protected]
About me…
Pascal BergerbaseVISION AG
Principal Workplace ConsultantService Owner WimAsAService
Contact MeTwitter: @bergerspascalBlog: https://workplace.visionMail: [email protected]
WSfB limitations
WSfB Integration to BusinessUsing daily
Using in Business with OMA-URI
Integrate to Intune or CM 1605TP
Project Centennial
How it works as a Developer
Agenda
Windows 10 1511 (10.10586.x) or newer
AAD like Office 365 / intune / Azure
WSfB limitations
Sign up
Manage Apps, Free Apps, Buy Apps, LOBPrivate StoreLOBAssign
(wsreset.exe)
DEMO
WSfB Using daily
Just run WSfB
OMA-URI key./User/Vendor/MSFT/Policy/Config/ApplicationManagement/RequirePrivateS
toreOnly
Using in Business with OMA-URI
Project Centennial Übersicht
Die verschiedenen Namen:
• Desktop App Converter
• Desktop Bridge
• Project Centennial
Die Ziele:
• «Old-School» Desktop-Apps für die Universelle Windows-Plattform (UWP) konvertieren (Appx)
• Weiter verwenden der Code-Base
• Saubere Installation und Deinstallation
Project Centennial Vorteile
Für uns als Admins bietet das ganze die folgenden Vorteile:
• «Old-School» Apps via Store for Business
• «Old-School» Apps via Config Manager / Intune Hybried.
• Diese Appx können wir auch via Config Manager direkt verteilen.
Voraussetzungen zum Erstellen
OS:
• Windows 10 Enterprise Edition Preview (Build 10.0.14316.0 und höher)
• Achtung der neuste Insider Preview Build (14366) hat ein Problem
HW:
• 64-Bit (x64)-Prozessor
• Hardwareunterstützte Virtualisierung
Download:
http://go.microsoft.com/fwlink/?LinkId=785437
Weitere Infos:
https://msdn.microsoft.com/windows/uwp/porting/desktop-to-uwp-run-desktop-app-converter
Voraussetzungen zum Verwenden
OS:
• Windows 10 Enterprise Edition Preview (Build 10.0.14316.0 und höher)
HW:
• 64-Bit (x64)-Prozessor
Benötigte Komponenten
Windows Software Development Kit (SDK) für Windows 10:
• MakeAppx.exe
• MakeCert.exe
• pvk2pfx.exe
• signtool.exe
DesktopAppConverter.zip
BaseImage-14352.wim oder ganze neu BaseImage-14361.wim
Einrichten via Powershell
ACHTUNG: PowerShell IMMER als Admin ausführen!!
• .\DesktopAppConverter.ps1 -setup -BaseImage"%RichtigerPfad%\BaseImage-14342.wim" –verbose
• Falls nötigt führt das Script selbständig einen Reboot aus und fährt dann weiter.
Das WIM wird dann entpackt nach C:\ProgramData\Microsoft\Windows\Images\BaseImage-14342\Files
DEMO (Video mit Klick starten)
Einrichten des Clients mittels Video
Konvertieren einer App
Heutige Einschränkungen:
• Immer wieder neues BaseImage nötig.
• Installer muss ein MSI sein oder ein Exe das sich Silent installieren lässtoder ein Script oder Batch.
• Nicht mehrere Shortcuts
• Keine Services
• Keine Treiber
Signieren des Appx
Die Appx Files müssen zwingend signiert werden:
• Seriösen vertrauten Codesign Zertifikat
• Codesign Zertifikat von eigener interner CA
• Self signed Zertifikat.Self signed wird einfach mit dem Store for Business nicht gehen.
Achtung:
Falls Self Signed Certificate muss dieses zu den Trusted Root CertificationAuthorities hinzugefügt werden.
Self Signed Cert erstellen
Die Appx Files müssen zwingend signiert werden:
makecert.exe -r -h 0 -n ""CN=pdblab"" -eku 1.3.6.1.5.5.7.3.3 -pe -svpdblab.pvk pdblab.cer
pvk2pfx.exe -pvk pdblab.pvk -spc pdblab.cer -pfx pdblab.pfx
Konvertieren einer App
Via Powershell:
."\DesktopAppConverter.ps1" –Installer %PfadZuInstaller%
-InstallerArguments %Argumente% –Destination %ZielPfad% -PackageName%AppxName% -Publisher %PublisherName% -Version %Version%
-MakeAppx –verbose
z.B:
."\DesktopAppConverter.ps1" –Installer C:\TEMP\Blitzrechnen.msi
-InstallerArguments "/qb" –Destination C:\TEMP\Blitzrechnen_App
-PackageName "Blitzrechnen" -Publisher "CN=pdblab" -Version "34.0.0.0"
-MakeAppx -verbose
Signieren des Appx
signtool.exe sign -f pdblab.pfx -fd SHA256
-v C:\Temp\Blitzrechnen_App\Blitzrechnen.appx
DEMO
Konvertieren einer App und signieren
Andere Wege zum Konvertieren
Diverse anderes Tools können auch Appx aus Win32 Apps erstellen.
• InstallShield
• http://wixtoolset.org
• Advanced Installer
DEMO Advanced Installer (Video mit Klick starten)
Installieren eines Appx
• Windows Store und Windows Store for Business
• MDM (Microsoft Intune)
• Config Manager
• Doppelklick
• Add-AppxPackage
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Visual StudioDo not Use Visual Studio preview or Win 10 previewSigning Certificate to the Project (one for every Projekt, Malware Cert revoke)
Developer CenterSend the Invitation to the Manager of the Center’s MS-LiveID MailApprove the invitationChange the App (after uploading to LOB) and select the Store of the CompanyPublish takes the same Way as “normal Apps” to the Store
WSfBShow in LOB apps
How it woks as a Developer
Share your ideas
• Share your voice / ideas!• http://microsoftintune.uservoice.com/
• http://configurationmanager.uservoice.com/
Weitere Infos
Digicomp Kurse https://www.microsoft.com/learning/en-us/course.aspx?ID=20695A&Locale=en-us
https://www.microsoft.com/learning/en-us/course.aspx?ID=20696c&Locale=en-us
https://www.microsoft.com/en-us/learning/course.aspx?cid=20398a&loc=en-us
https://www.microsoft.com/en-us/learning/course.aspx?cid=20697-2&loc=en-us
Danke
Herzlichen DankMirko Colemberg @mirkocolemberg @configmgr_ch #cmce_ch blog.colemberg.ch
Pascal Berger @bergerspascal
Bewertung der Session: Configmgr.ch / azureems.ch• Xing: https://www.xing.com/net/cmce
• Facebook: https://www.facebook.com/groups/411231535670608/
• Linkedin: http://www.linkedin.com
• Twitter: https://twitter.com/configmgr_ch
Nächster Event: Freitag 7. Oktober Digicomp Zürich
