NT Applications Support – Status and Future Developments Christian Trachimow, DESY 11/7/2015 The DESY WindowsNT Group.
Download ReportTranscript NT Applications Support – Status and Future Developments Christian Trachimow, DESY 11/7/2015 The DESY WindowsNT Group.
NT Applications Support – Status and Future Developments Christian Trachimow, DESY 11/7/2015 The DESY WindowsNT Group 1 The Product NetInstall 4.2 / 5 from InstallShield / NetSupport more than 500,000 clients in Germany cooperation with InstallShield for worldwide distribution price: $18 / client Technical highlights “Software on demand”: This feature provides a synchronization between user part and workstation part. If a user launches an application for the first time, NetInstall checks, which part is missing and installs it “Local security management”: All commands which needs administrative privileges are executed through a service without splitting installation script DESY 11/7/2015 The DESY WindowsNT Group 2 Classification of Support The Fully Controlled PC positioned for task oriented user Centrally installed, configured, maintained and managed Full responsibility for the PCs The User Configurable PC positioned for sophisticated user Centrally installed, locally configured and maintained Partial responsibility: availability of services, applications, etc. The non-maintained PC if you think you need it, OK, but abide by the rules no responsibility taken at all, “good NT-keeping” rules enforced DESY 11/7/2015 The DESY WindowsNT Group 3 The Yellow PC User can be local administrator Basic Setup can be installed on every PC PC is managed by user or group administrator User can install all programs at his owns risk NetInstall is just a AddOn Service installed applications are not affected setup takes 1 - 10 minutes Application Service with NetInstall Install and uninstall whatever you want During installation the user is asked for a local path When applications have to be updated the user is asked at logon if the update should be installed right now, at next logon or never shared responsibility DESY 11/7/2015 The DESY WindowsNT Group 4 The Green PC User is not allowed to be local administrator Basic setup has to be installed on plain PC only group administrators or domain admins are in administrators group local security restrictions to OS (parts from the ZAK) User can only install applications, which don´t override existing files some tools cannot be used, e.g. regedit, Service Manager, ... Application Service with NetInstall Some applications are preinstalled Install / uninstall with interactive installer whatever you want every installation restricts the file access to the files which are installed Updates are done automatically at logon, but user can delegate it to next logon group admins or central services are fully responsible 11/7/2015 The DESY WindowsNT Group DESY 5 Status The use of NetInstall Red NetInstall PCs Green Yellow Total Number 18 % 82 % 200 900 1400 Green PC Number of PCs 300 1100 Hera controls (50), administration (80), other people (70) 3 NetInstall databases with 50 packages Hamburg / Zeuthen / Hera Controls DESY 11/7/2015 The DESY WindowsNT Group 6 Support Yellow PC precondition: trust between users and service providers user has control about updates (!!!) application support is an AddOn service widely accepted service Green PC centrally supported no trust to the user (but to group administrator) only accepted by some groups important for public PCs DESY 11/7/2015 The DESY WindowsNT Group 7 Psychological Aspects What PC users said (and still say) PC is a universal tool that has a voice on the daily work The key of success and the challenge was to loose the users distrust in central services ... “This is my PC !” / “I need full control !” / “I need this application now!” / “You have to support me !” accusation: domination / dictate ... and to establish a group administrators structure 11/7/2015 They are the natural speakers of their groups They focus the needs of their users Help us to keep users under controls / educate their users The DESY WindowsNT Group DESY 8 The Role of Central Services Democratization of the Desktop The user has become more powerful and more independent than before the arrival of the PC. This must actually be seen as a good thing! Service Provider Central Services have to offer the user community services that it needs and that it wants to use. The services must be “sold” to the community. Primus inter Pares Central Services will remain an important service provider, but it will not remain the only one, or, for a given user, the most important one. The focus should be on services that a computing center excells in naturally. Cooperative Computing Rules, service designs and implementations have to be defined in close cooperation with the user groups. An important role in future will be as facilitator of services between local groups and as information broker. DESY 11/7/2015 The DESY WindowsNT Group 9 Building Application Packages Easy installation of local packages amount of time NetInstall script Green PC 1. Scan PC configuration 2. Install and configure application 3. Scan PC configuration again 4. Test the script find out which files and directories need write access Shared installations separate read only from write data, reengineer application Do we need shared applications and Green PCs ? DESY 11/7/2015 The DESY WindowsNT Group 10 Building Application Packages (cont.) Configuring application Maintaining applications Needs expertise of application problem: how to migrate user settings between different versions Problems with special applications IE4: setup is dynamic, more a operating system upgrade than an application Office 2000: Installation with Windows Installer provides new functionality (installation on demand, auto check, ...). This functionality is lost when using a “static” NetInstall script. DESY 11/7/2015 The DESY WindowsNT Group 11 Migration to NetInstall V5 Problems with NetInstall 4 synchronization between 3 sites / databases replication of packages between 3 sites test / production database are separated setups laptop support NetInstall 5 features Multi-Database Multi-Server support which includes Load balancing / fail over Replications DESY 11/7/2015 The DESY WindowsNT Group 12 NetInstall 5 Site Structure ORG - DESY OU - DESY Hamburg SITE - backoffice SERVER A SERVER B OU - DESY Zeuthen SERVER C DESY 11/7/2015 The DESY WindowsNT Group 13 NetInstall 5 at DESY NetInstall 5 is used by “Hera Controls” Each packages had to be migrated Two servers hold packages for redunancy Clients are migrated automatically Migration of packages and databases in Hamburg and Zeuthen will start in October Add features to standard behaviour Every package builder gets own database Laptop support DESY 11/7/2015 The DESY WindowsNT Group 14 Application Support in the future based on Windows Installer ? Package contains information to install/uninstall an application consists of .msi file and some source files / cabinet files .msi consists of Installation database Summary information stream Data stream Packages organized around features and components Feature: Component: DESY 11/7/2015 The DESY WindowsNT Group 15 Windows Installer Features Installation mechanism Installer (service) is instructed to install a feature Installer queries database to generate installation script Installation can be performed by a process with elevated privileges Rollback: during installation a rollback script is generated Advertisement Assigning application appears to the user (shortcut) Publishing Application appears to other application (published to shell: installed by file accociation / MIME association) DESY 11/7/2015 The DESY WindowsNT Group 16 Windows Installer Features Installation on demand Resiliency Idea: recover gracefully from broken components But: a set of API functions which has to be implemented by software will be used only for vital components Customization User can call functionality in abscence of the files itself databases can be merged or transformed Will be used for patches / customization database contains a state description of the application DESY 11/7/2015 The DESY WindowsNT Group 17 Example: Registry tables DESY 11/7/2015 The DESY WindowsNT Group 18 Installing application with W2000 Applications will come with a description of the installation state (.msi database) Software management will be package oriented Less intallation problems / less inconsistencies repackageing or reengeneering is not needed Local as well as shared installations can be mixed It will take time until the spirit of the Logo program reaches the programmers ( „Local security management“ / „Software on demand“) During the next two years most software will come with „good“ databases Installation process itself and the consistency become less important DESY 11/7/2015 The DESY WindowsNT Group 19 Software distribution Additional tool to is needed for Policy based management not clear Configure / maintain versions !!! Pakete erstellen, die kein .msi mitbringen Anpassen Patches Migration / Pflege der Usereinstellungen Depends on the programs Green PC is dead / Nice concept is dead Think of functionality (define collections ...) More degrees of freedom: many features are availabe/ shared vs local / on demand vbs preinstalled 11/7/2015 The DESY WindowsNT Group DESY 20 DESY 11/7/2015 The DESY WindowsNT Group 21