Spoon.Net and ZENworks Application Virtualization are missing something. Once the application is deployed, how do you mange, change or configure that application? (Are you going to re-package the application and redeploy each time? That’s crazy!) Watch this video (exclusively for Spoon.net and Zenworks Application Virtualization customers) to see exactly how to manage your virtualized apps using Group Policy (or Zenworks) and PolicyPak.
PolicyPak extends Group Policy to Spoon / Novell ZENworks App Virtualization video transcript
Hi, this is Jeremy Moskowitz, Group Policy MVP and Founder of PolicyPak Software. In this video, I’m going to show you how you can manage your Spoon Server or your ZenWorks Application Virtualization server virtualized applications using PolicyPak.
You can do this either using Group Policy or your own systems management tool.For instance, the Spoon Server here or Novell ZenWorks or SCCM – anything you want – but we happen to be using Spoon Server and also Group Policy in this demonstration.
For starters, let’s set the stage. The problem is that if your applications are virtualized, then there’s no way for regular Group Policy or your management to get inside the settings and/or lock down the applications.
Long story short is that if you are not managing your application settings inside your virtualized applications, then you’re not doing the best job you can to keep secure. Let’s go ahead and run “Firefox with Spoon (PolicyPak)” here. Firefox is one of those applications that you’re going to want to make sure is configured exactly the way you want.
You might want to set a “Home Page” and make sure that these important“Security” settings are always ensured on. Now if we were just to rerun this application, you can see that there’s just nothing that’s helping you at this point.
This is where PolicyPak comes in. If we go over to our server world, you can see I’ve got my “Spoon Server” here. Nothing about PolicyPak is done on the Spoon Server directly. Everything is either using Group Policy or your own systems management tool.
What I’m going to do is I’m going to “Create a GPO in this domain, and Link it here…,”and I’ll call this “Deliver and lock down important settings.” What I’ll do is I’ll right click over this Group Policy Object and click “Edit…” here and link it over to our “East Sales Users.” Under our user side “PolicyPak/Applications/New/Application,”I will pick “PolicyPak for Adobe Reader X” first.
PolicyPak ships with over 35 preconfigured applications ready to go, like Java, Flash, Firefox, WinZip, Acrobat – the list goes on and on and on. I just happen to have those three ready to go right now.
I go to “Security (Enhanced),”and I want to ensure that “Enable Enhanced Security”is in fact checked. If I right click over this guy and click “Disable corresponding control in target application,”once again we’re going to ensure that our settings are delivered.
If we go to “Updater,” let’s go ahead and “Do not download or install updates automatically.”Once again, we’ll “Disable corresponding control in target application.”
While I’m also here, let me go to “PolicyPak for Mozilla Firefox” and let’s take a look at this. Let’s go ahead and set our Firefox settings to “www.policypak.com” and also ensure that our “Security” settings are always set.
Once we’ve done that, let’s go back over to the target machine. Let’s run “gpupdate,”or we could pretend we’re logging off or logging back on or getting a new computer or starting a new Terminal Services or Citrix session or anything else that would refresh Group Policy.
Now again, we happen to be using Group Policy in these examples, but you don’t have to. If you would like to wrap up your PolicyPak directives and deliver them using Novell ZenWorks or SCCM, you can do that. We just happen to be using Group Policy in these examples.
Let’s go ahead and close that, and now let’s go ahead and rerun “Acrobat with Spoon (PolicyPak)” first. If we go to “Edit/Preferences…”here, you’re going to see PolicyPak doing its superpowers and magic.
Let’s head over to “Firefox with Spoon (PolicyPak).” If we go to “Options,” you can see the “Security” settings are all set and our “www.policypak.com” is delivered as the “Home Page.”If we make this “www.abc.com” or something we shouldn’t do and close this out and rerun the application, as soon as we rerun the application our settings are redelivered and re-guaranteed.
To recap everything you just saw, you can cheerfully use PolicyPak to deliver your actual application settings and optionally lock them down so users can’t work around them. You want to do this for both your real applications and your Spoon/Novell ZenWorks application virtualization apps. The point of the story is once you have your applications deployed, it’s super important to manage those settings so that your IT directives are adhered to.
If you want to figure out how we did this, I’m going to pause the videotape here. Then what we’ll do is I’ll show you exactly what’s required if you are already a Spoon or Novell ZenWorks Application Virtualizationcustomer and show you exactly what you have to do to make PolicyPak work with your already virtualized projects and apps. OK? Stay tuned.
If you want to PolicyPak enable your own Spoon applications, it’s really easy to do. By way of example, I’ve already got all your project files ready to rock. For instance, here I’ve got a Spoon project for Firefox, “FF-Project.”
I’m going to go ahead and go and “Open Configuration” there, and I’ll go over to the “FF-Project” I have and open that guy up. There we go. We can see it’s being loaded into the “Spoon Virtual Application Studio 2012” or the Novell ZenWorks Application Virtualization Studio, it’s going to do the same exact thing.
What you’re going to want to do is, of course, change the “Project type” to “Component,”becauseif we want to use this on the server we need to have a component and not a raw application.
In either case, what you’re going to do is you’re going to go to “Settings” and then “Startup Settings” right here. What you’re going to do is you’re going to utilize what’s called the “Startup shim DLL.” We here at PolicyPak provide that to you. Again, it’s the same exact shim. It’s called “PPSpoonShim.dll.” We provide this for you, and it works the same for every Spoon application and every Novell ZenWorks virtualizedapplication. If you want to PolicyPak enable your applications, this is what you do.
When you’re ready to go, you will simply “Build” it. Once that’s done, you will then have a file that you can then bring and import into your Spoon Server or your Novell ZenWorks Virtualizationserver.That’s it. That’s how simple it is.
The secret sauce is what happens is that at launch time for the application, PolicyPak will run this “PPSpoonShim,” perform our PolicyPak magic and because our client side extension is on the target machine, we will do all the PolicyPak goodness. That’s it.
If you are ready to get started and you want to test this all out yourself, we are happy to supply the PPSpoonShim DLL to any customer or prospect who asks.
Thanks so much, and we’ll look forward to talking to you soon. Thanks.