4.7.3
Table Of Contents
- ThinApp User’s Guide
- Contents
- About This Book
- Installing ThinApp
- Capturing Applications
- Phases of the Capture Process
- Preparing to Capture Applications
- Capturing Applications with the Setup Capture Wizard
- Create a System Image Before the Application Installation
- Rescan the System with the Installed Application
- Defining Entry Points as Shortcuts into the Virtual Environment
- Set Entry Points
- Manage with VMware Horizon Application Manager
- Set User Groups
- Defining Isolation Modes for the Physical File System
- Set File System Isolation Modes
- Storing Application Changes in the Sandbox
- Customize the Sandbox Location
- Send Anonymous Statistics to VMware
- Customize ThinApp Project Settings
- Defining Package Settings
- Customize Package Settings
- Opening Project and Parameter Files
- Build Virtual Applications
- Advanced Package Configuration
- Capturing Internet Explorer 6 on Windows XP
- Capturing Multiple Application Installers with ThinApp Converter
- Deploying Applications
- ThinApp Deployment Options
- Establishing File Type Associations with the thinreg.exe Utility
- Building an MSI Database
- Controlling Application Access with Active Directory
- Starting and Stopping Virtual Services
- Using ThinApp Packages Streamed from the Network
- Using Captured Applications with Other System Components
- Performing Paste Operations
- Accessing Printers
- Accessing Drivers
- Accessing the Local Disk, the Removable Disk, and Network Shares
- Accessing the System Registry
- Accessing Networking and Sockets
- Using Shared Memory and Named Pipes
- Using COM, DCOM, and Out-of-Process COM Components
- Starting Services
- Using File Type Associations
- Sample Isolation Mode Configuration Depending on Deployment Context
- Updating and Linking Applications
- Application Updates That the End User Triggers
- Application Sync Updates
- Using Application Sync in a Managed or Unmanaged Environment
- Update Firefox 2.0.0.3 to Firefox 3 with Application Sync
- Fix an Incorrect Update with Application Sync
- Application Sync Effect on Entry Point Executable Files
- Updating thinreg.exe Registrations with Application Sync
- Maintaining the Primary Data Container Name with Application Sync
- Completing the Application Sync Process When Applications Create Child Processes
- Application Link Updates
- View of the Application using Application Link
- Link a Base Application to the Microsoft .NET Framework
- Set Up Nested Links with Application Link
- Affecting Isolation Modes with Application Link
- PermittedGroups Effect on Linked Packages
- Sandbox Changes for Standalone and Linked Packages
- Import Order for Linked Packages
- File and Registry Collisions in Linked Packages
- VBScript Collisions in Linked Packages
- VBScript Function Order in Linked Packages
- Storing Multiple Versions of a Linked Application in the Same Directory
- Using Application Sync for a Base Application and Linked Packages
- Application Sync Updates
- Application Updates That the Administrator Triggers
- Automatic Application Updates
- Upgrading Running Applications on a Network Share
- Sandbox Considerations for Upgraded Applications
- Updating the ThinApp Version of Packages
- Application Updates That the End User Triggers
- Locating the ThinApp Sandbox
- Creating ThinApp Snapshots and Projects from the Command Line
- ThinApp File System Formats and Macros
- Creating ThinApp Scripts
- Callback Functions
- Implement Scripts in a ThinApp Environment
- API Functions
- Monitoring and Troubleshooting ThinApp
- Glossary
- Index
ThinApp User’s Guide
16 VMware, Inc.
Set User Groups
ThinAppcanuseActiveDirectorygroupstoauthorizeaccesstothevirtualapplication.Youcanrestrictaccess
toanapplicationtoensurethatusersdonotpassittounauthorizedusers.
ActiveDirectoryDomainServicesdefinesecuritygroupsanddistributiongroups.ThinAppcanonlysupport
nestedsecuritygroups.
Set user groups in the Setup Capture wizard
1OntheGroups
page,limittheuseraccesstotheapplication.
a SelectOnlythefollowingActiveDirectorygroups.
bClickAddtospecifyActiveDirectoryobjectandlocationinformation.
2 (Optional)ChangethemessagethatappearsforusersthatThinAppcannotauthorize.
Defining Isolation Modes for the Physical File System
Isolationmodesdeterminethelevelofreadandwriteaccesstothenativefilesystemoutsideofthevirtual
environment.Youmightadjustisolationmodesettingsdependingontheapplicationandtherequirementsto
protectthephysicalsystemfromchanges.
Theselectionofisolationmodesinthecaptureprocessdeterminesthe
valueoftheDirectoryIsolationMode
parameterinthePackage.inifile.Thisparametercontrolsthedefaultisolationmodeforthefilescreatedby
thevirtualapplicationexceptwhenyouspecifyadifferentisolationmodeinthe##Attributes.inifilefor
anindividualdirectory.
Theselectionofadirectoryisolationmodedoesnotaffectthe
followingareas:
ThinApptreatswriteoperationstonetworkdrivesaccordingtotheSandboxNetworkDrivesparameter
inthePackage.inifile.Thisparameterhasadefaultvaluethatdirectswriteoperationstothephysical
drive.ThinApptreatswriteoperationstoremovabledisksaccordingtotheSandboxRemovableDisk
parameterinthePackage.inifile.Thisparameterhasadefault
valuethatdirectswriteoperationstothe
physicaldrive.
IfyousavedocumentstothedesktoporMy Documentsfolder,ThinAppsavesthedocumentstothe
physicalsystem.ThinAppsetstheisolationmodeinthe##Attributes.inifilesin%Personal%and
%Desktop%toMergedevenwhenyouselectWriteCopyisolationmode.
Applying Merged Isolation Mode for Modifications Outside the Package
WithMergedisolationmode,applicationscanreadandmodifyelementsonthephysicalfilesystemoutside
ofthevirtualpackage.SomeapplicationsrelyonreadingDLLsandregistryinformationinthelocalsystem
image.
TheadvantageofusingMergedmodeisthatdocumentsthatuserssaveappearonthephysicalsystem
inthe
locationthatusersexpect,insteadofinthesandbox.Thedisadvantageisthatthismodemightclutterthe
systemimage.Anexampleofthecluttermightbefirst‐executionmarkersbysharewareapplicationswritten
torandomcomputerlocationsaspartofthelicensingprocess.
Option Description
ObjectTypes Specifiesobjects.
Locations Specifiesalocationintheforest.
CheckNames Verifyobjectnames.
Advanced LocatesusernamesintheActiveDirectoryforest.
CommonQueries(underAdvanced)Searchesforgroupsaccordingtonames,descriptions,disabledaccounts,
passwords,anddayssincelastlogin.