deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-11 04:47:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/configuration/provisioning-packages/provision-pcs-with-apps.md
Chris J. Lin ef1c69b439
Release mcc ent (#1) 
* smb adds

* smb adds

* formatting

* private preview and support content

* edit removed and dep

* Fix blocking issues

* Acro-fix

* 24H2 CSP Updates

* Fix link

* fix link in dep page

* edit

* edit index file

* syntax-fix-24h2

* ltsc-edits

* ltsc-edits

* lichris-docs-1

* Acrolinx improvements

* refresh for maxado-8631996

* update link for maxado-8631993

* additional edits, acrolinx

* ltsc-tw

* contentsource-8914508

* contentsource-8914508

* Updates for 1 October release

* Set stale debug to false

* update gp link for 24h2

* additional changes

* Changes to updates, acrolinx changes

* fixes broken links

* Fixed alignment issues

* updates from Rafal

* fixed acrolinx

* so many link fixes

* added release notes and troubleshoot content

* updates

* Update security-compliance-toolkit-10.md

Added Windows 11 24H2

* Update get-support-for-security-baselines.md

Updated for Windows 11 24H2

* bump date

* bump date

* fix pde comment

* fixing broken link

* Fix broken redirections

* fix to rel link

* reset head, fix link

* add cli to deploy, add script to cli

* removing "mcce"

* edits to create page

* Update default and global release policies OS version and dates to latest release values

* emoved e from mcce and other changes

* updated example script

* added important notice to update page

* more update page changes

* clarified how proxy configuration is used

* anonymizing variables in example script

* revise example script

* acrolinx fixes to update page

* changes to other pages and content in overview page

* Update broken link

Update broken link

* Update windows-sandbox-configure-using-wsb-file.md

Update `HostFolder` value description in `MappedFolder`, specifying that the path could be absolute or relative, not only absolute as, instead, is for the `SandboxFolder` value.

* Remove bad link

Removed bad link. There is already a second link referring to content so no need to replace the link.

* docfx update for security book

* Correct TOC entry changing Windows 10 to Windows

* Update whats-new-do.md

- Vpn to VPN
- Minor improvements

* Updated date for freshness reporting

* Add EOS callout

Fix some obvious Acrolinx issues

* Fixed typo added clarity

* Update mcc-ent-deploy-to-windows.md

* Update .openpublishing.redirection.windows-deployment.json

* Update .openpublishing.redirection.windows-deployment.json

* Update policy-csp-localpoliciessecurityoptions.md

* Correct indentation and spacing

* Acrolinx: "Enteprise"

* Update mcc-ent-edu-overview.md

* refresh

* Remove redirection and final bits of store-for-business

store-for-business, AKA /microsoft-store/, is retired, and the content is archived in officearchive-pr. This archival was for ADO task 9268422.

* added support content and other changes

* fixed tabs

* fixed tabs

* Updated device reg policy and group information

* Update delivery-optimization-endpoints.md

Added a line item in MCC table for Outlook *res.cdn.office.net requirement

* freshness review

* Fix broken links

* Minor change

* content for faq

* changes to landing page

* more content to faqs

* pencil edit

* add copilot exps link

* edits and ren cli file temporarily

* ren file back and edit toc to lowercase

* edit

* edit

* edit

* Update windows-autopatch-configure-network.md

Adding a new network endpoint required for the service 'device.autopatch.microsoft.com' @tiaraquan

* Clarify some points and remove data that is confusing to customers.

* fix syntax

* Sentence correction

* Update windows/deployment/do/waas-delivery-optimization-faq.yml

Co-authored-by: Meghan Stewart <33289333+mestew@users.noreply.github.com>

* Update windows/deployment/do/waas-delivery-optimization-faq.yml

Co-authored-by: Meghan Stewart <33289333+mestew@users.noreply.github.com>

* moved shortcuts under policy settings article

---------

Co-authored-by: Alma Jenks <v-alje@microsoft.com>
Co-authored-by: Meghan Stewart <33289333+mestew@users.noreply.github.com>
Co-authored-by: Stacyrch140 <102548089+Stacyrch140@users.noreply.github.com>
Co-authored-by: Nidhi Doshi <77081571+doshnid@users.noreply.github.com>
Co-authored-by: Gary Moore <5432776+garycentric@users.noreply.github.com>
Co-authored-by: Vinay Pamnani (from Dev Box) <vinpa@microsoft.com>
Co-authored-by: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Co-authored-by: Aaron Czechowski <aczechowski@users.noreply.github.com>
Co-authored-by: Aditi Srivastava <133841950+aditisrivastava07@users.noreply.github.com>
Co-authored-by: Daniel H. Brown <32883970+DHB-MSFT@users.noreply.github.com>
Co-authored-by: David Strome <21028455+dstrome@users.noreply.github.com>
Co-authored-by: Padma Jayaraman <v-padmaj@microsoft.com>
Co-authored-by: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Co-authored-by: Rebecca Agiewich <16087112+rjagiewich@users.noreply.github.com>
Co-authored-by: Rick Munck <33725928+jmunck@users.noreply.github.com>
Co-authored-by: Tanaka <Huios@users.noreply.github.com>
Co-authored-by: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Co-authored-by: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Co-authored-by: Davide Piccinini <davide.piccinini.95@gmail.com>
Co-authored-by: Phil Garcia <phil@thinkedge.com>
Co-authored-by: Learn Build Service GitHub App <Learn Build Service LearnBuild@microsoft.com>
Co-authored-by: tiaraquan <tiaraquan@microsoft.com>
Co-authored-by: Caitlin Hart <caithart@microsoft.com>
Co-authored-by: Harman Thind <63820404+hathin@users.noreply.github.com>
Co-authored-by: [cmknox] <[cmknox@gmail.com]>
Co-authored-by: Carmen Forsmann <cmforsmann@live.com>
2024-10-17 11:34:07 -07:00

10 KiB
Raw Blame History

title, description, ms.topic, ms.date
title description ms.topic ms.date
Provision PCs with apps Learn how to install multiple Universal Windows Platform (UWP) apps and Windows desktop applications (Win32) in a provisioning package. how-to 07/09/2024

Provision PCs with apps

You can install multiple Universal Windows Platform (UWP) apps and Windows desktop applications (Win32) in a provisioning package. This article explains the various settings in Windows Configuration Designer for app install.

When you add an app in a Windows Configuration Designer wizard, the appropriate settings are displayed based on the app that you select. For instructions on adding an app using the advanced editor in Windows Configuration Designer, see Add an app using advanced editor.

Important

If you plan to use Intune to manage your devices, we recommend using Intune to install Microsoft 365 Apps for enterprise. Apps that are installed using a provisioning package cannot be managed or modified using Intune. Learn how to add Microsoft 365 Apps to Windows devices with Microsoft Intune.

Settings for UWP apps

  • License Path: Specify the license file if it's an app from the Microsoft Store. This is optional if you have a certificate for the app.
  • Package family name: Specify the package family name if you don't specify a license. This field will be autopopulated after you specify a license.
  • Required appx dependencies: Specify the appx dependency packages that are required for the installation of the app

Settings for Windows desktop applications

MSI installer

  • Command line arguments: Optionally, append more command arguments. The silent flag is appended for you. Example: PROPERTY=VALUE
  • Continue installations after failure: Optionally, specify if you want to continue installing more apps if this app fails to install
  • Restart required: Optionally, specify if you want to reboot after a successful install of this app
  • Required win32 app dependencies: Optionally, specify more files that are required for the installation of the app. For installers that have multiple file dependencies or have directory structures, create a cab file of the assets. The installation script should include expansion of the .cab file.

Note

You can find more information about command-line options for Msiexec.exe here.

Exe or other installer

  • Command line arguments: Append the command line arguments with a silent flag (required). Optionally, append more flags
  • Return Codes: Specify the return codes for success and success with restart (0 and 3010 by default respectively) Any return code that isn't listed is interpreted as failure. The text boxes are space delimited.
  • Continue installations after failure: Optionally, specify if you want to continue installing more apps if this app fails to install
  • Restart required: Optionally, specify if you want to reboot after a successful install of this app
  • Required win32 app dependencies: Optionally, specify more files that are required for the installation of the app. For installers that have multiple file dependencies or have directory structures, create a cab file of the assets. The installation script should include expansion of the .cab file.

Add a Windows desktop application using advanced editor

  1. In the Available customizations pane, go to Runtime settings > ProvisioningCommands > PrimaryContext > Command.

  2. Enter a name for the first app, and then select Add.

    enter name for first app.

  3. Configure the settings for the appropriate installer type.

    enter settings for first app.

Add a universal app to your package using advanced editor

Universal apps that you can distribute in the provisioning package can be line-of-business (LOB) apps developed by your organization, Microsoft Store for Business apps that you acquire with offline licensing, or non-Microsoft apps. This procedure assumes you're distributing apps from the Microsoft Store for Business. For other apps, obtain the necessary information (such as the package family name) from the app developer.

  1. In the Available customizations pane, go to Runtime settings > UniversalAppInstall.
  2. For DeviceContextApp, specify the PackageFamilyName for the app. In Microsoft Store for Business, the package family name is listed in the Package details section of the download page.
  3. For ApplicationFile, select Browse to find and select the target app (either an *.appx or *.appxbundle).
  4. For DependencyAppxFiles, select Browse to find and add any dependencies for the app. In Microsoft Store for Business, any dependencies for the app are listed in the Required frameworks section of the download page.
  5. For DeviceContextAppLicense, enter the LicenseProductID.
    • In Microsoft Store for Business, generate the unencoded license for the app on the app's download page.
    • Open the license file and search for LicenseID= to get the GUID, enter the GUID in the LicenseProductID field and select Add.
  6. In the Available customizations pane, select the LicenseProductId that you just added.
  7. For LicenseInstall, select Browse, navigate to the license file that you renamed <file name>.ms-windows-store-license, and select the license file.

Learn more about distributing offline apps from the Microsoft Store for Business.

Important

Removing a provisioning package will not remove any apps installed by device context in that provisioning package.

Add a certificate to your package

  1. In the Available customizations pane, go to Runtime settings > Certificates > ClientCertificates.
  2. Enter a CertificateName and then select Add.
  3. Enter the CertificatePassword.
  4. For CertificatePath, browse and select the certificate to be used.
  5. Set ExportCertificate to False.
  6. For KeyLocation, select Software only.

Add other settings to your package

For details about the settings you can customize in provisioning packages, see Windows Provisioning settings reference.

Build your package

  1. After you configure the provisioning package, on the File menu, select Save.

  2. Read the warning that project files may contain sensitive information, and select OK.

    When you build a provisioning package, you may include sensitive information in the project files and in the provisioning package (.ppkg) file. Although you have the option to encrypt the .ppkg file, project files aren't encrypted. Store the project files in a secure location, and delete the project files when they're no longer needed.

  3. On the Export menu, select Provisioning package.

  4. Change Owner to IT Admin, which sets the precedence of this provisioning package higher than provisioning packages applied to this device from other sources, and then select Next.

  5. Set a value for Package Version.

    Tip

    You can make changes to existing packages and change the version number to update previously applied packages.

  6. Optional. In the Provisioning package security window, you can choose to encrypt the package and enable package signing.

    • Enable package encryption - If you select this option, an autogenerated password is shown on the screen.
    • Enable package signing - If you select this option, you must select a valid certificate to use for signing the package. You can specify the certificate by selecting Select... and choosing the certificate you want to use to sign the package.

    Tip

    We recommend that you include a trusted provisioning certificate in your provisioning package. When the package is applied to a device, the certificate is added to the system store. Any package signed with that certificate can be applied silently.

  7. Select Next to specify the output location where you want the provisioning package to go once it's built. By default, Windows ICD uses the project folder as the output location. Optionally, you can select Browse to change the default output location.

  8. Select Next.

  9. Select Build to start building the package. The project information is displayed in the build page and the progress bar indicates the build status. If you need to cancel the build, select Cancel. This cancels the current build process, closes the wizard, and takes you back to the Customizations Page.

  10. If your build fails, an error message shows up that includes a link to the project folder. You can scan the logs to determine what caused the error. Once you fix the issue, try building the package again. If your build is successful, the name of the provisioning package, output directory, and project directory is shown.

    • If you choose, you can build the provisioning package again and pick a different path for the output package. To do this, select Back to change the output package name and path, and then select Next to start another build.
    • If you're done, select Finish to close the wizard and go back to the Customizations Page.

  11. Select the output location link to go to the location of the package. You can provide that .ppkg to others through any of the following methods:

    • Shared network folder
    • SharePoint site
    • Removable media (USB/SD)
    • Email

Next steps

[!div class="nextstepaction"] Learn more about applying a provisioning package:

Apply a provisioning package