Adobe Customization Wizard in 6 Quick Steps
- Be sure that you have the most recent version of Reader.
- Install the Adobe Customization Wizard for Reader X. (ftp)
- Extract the .MSI from the AdbeRdr10xx_yy_zz.exe file.
- Start the wizard and open the AcroRead.msi file.
- Customize to your hearts content.
- Save your project (which creates the TRANSFORM file, AcroRead.mst).
***Note: Note that this method of installing Adobe Reader is intended for new installations of Adobe Reader X. If you are upgrading from an existing Adobe Reader X (e.g. upgradging from version 10.1.0 to 10.1.3) you only need to run the MSP file (you will extract that later in this article).***
After installing the customization wizard it's time to extract the AcroRead.msi from the Reader EXE. (see video)
To extract the files, open a command window and navigate to the path of your Adobe Reader EXE file and run the appropriate command. For this example we will run:
AdbeRdr1012_en_US.exe -nos_o"<file_path>" -nos_ne
This will open the extraction window.
Verify that your extracted files exist and you are now ready to open the customization wizard.
Open the customization wizard and select File > Open. Navigate to your extracted files and select the AcroRead.msi. You will now be able to make customizations to Adobe Reader.
Note the left panel and the sections listed.
While you can do quite a bit, we're going to focus on the following four sections:
- Installation Options
- Online and Acrobat.com
Select "Installation Options" and ensure that "Silently (no interface)" is selected. This allows you to push the installation to all your computers without disturbing your users. Also, ensure that "Suppress reboot" is selected.
Next let's jump to the "Shortcuts" section. We are going to prevent the Adobe Reader shortcut from being placed on the All Users Desktop.
Right click on the desktop icon and select Remove.
Next move on down to EULA. This is a handy step that allows you, as representative of your company, to auto accept the End User License Agreement between your company and Adobe. This means that the first time your users open Adobe Reader they won't be nagged to accept the EULA. It's a minor thing, but it does help prevent help desk calls from confused users.
Lastly we have "Online and Acrobat.com". I call this the phone-home section. Most companies like to control when patches are deployed, and making changes here will prevent each installation of Reader from contacting Adobe to check for updates.
I suggest checking the following four boxes:
- Disable all updates
- In Adobe Reader, disable Help > Purchase Adobe Acrobat
- Disable Product Improvement Program
- Disable all Acrobat.com access...
That's it. Unless you have more changes that you'd like to make, you're now ready to save your work (which will create the transform file AcroRead.mst).
Preparing for Deployment
When you deploy Adobe Reader 10 you call this transform file which contains your customizations, including pushing silently, suppressing reboot, auto accepting the EULA, whacking that annoying desktop icon, and stopping the numerous Adobe phone-homes.
Fridays' blog will demonstrate installing Adobe Reader 10 silently but just in case you can't wait, here is the usage.
To push from the command line, you would enter:
msiexec.exe -i <path>\AcroRead.msi TRANSFORMS=AcroRead.mst
Using the free version of PDQ Deploy to push Reader 10? You can import the Reader 10 installer file here.
See our video of the Adobe Customization Wizard for Reader 10 now.
Here are some resources for your Adobe Reader deployments:
Photo by Northampton Museum
PC Pro has an interesting (if somewhat frightening) article on the "10 most calamitous computer cock-ups." It got me to thinking about all of the times I've screwed things up either with code I've written or by some administration task I've performed. I dare not count them for fear that the number may be bigger than I think (and I can think of a pretty big number!)
What makes these 10 stand out is not so much the mistakes themselves, but the scale of their effect. They are particularly calamitous not because the scope of the error was so large but because the reach of the technology in question. In our own environments, our mistakes are not less calamitous with their own scopes. Accidentally deleting a bunch of user accounts or erasing backup files won't quite effect the same number of people as the blowing up of a gas pipeline, but try telling that to your users when they can't do their work.
Perhaps progress isn't so much a measure of success, but the size of the potential problems. If you are at the point where a simple mistake can cost thousands of hours of productivity, then you've progressed through a series of smaller tragedies to get there. I don't think I'd want anyone in a position to cause a lot of damage unless they've learned how to deal with causing a lot of damage. And learned to be sufficiently scared of pressing the "Submit" button. Not so scared that they don't dare to push it, but scared enough to make it clear that they understand what pushing it may mean. To painfully twist a famous phrase: If you aren't terrified of making a change to production, then you don't fully understand what production is.
To get in the groove while I am scripting I have, historically, found it difficult to listen to audiobooks or podcasts. However, I realized this week that the ACE Broadcasting Network has been the only exception to this rule. I can (and do) listen to both Adam Carolla's and Larry Miller's podcasts while working and I don't get distracted. Hell Yeah.
I have used Microsoft SQL Server Express since 2005 and I am still a huge fan. If this was Facebook I would have, long ago, hit the Like button.
It seems like a lot of Sys Admins have two facebook accounts. A more sterilized one for family and co-workers and an uncensored one for the rest.
I think I am one of only 8 Sys Admins who has never owned, collected or even read, graphic novels.
A disproportionate number of my custom ringtones are taken directly from South Park though my single favorite ringtone is taken from The Big Lebowski (where Donny tells the Dude that his phone is ringing).
Screw what happens in elevators when no one is watching...think of what happens in Server Rooms when there is only one current occupant. ahem.
If your first response to the statement "We have a problem" is a variant of "We better have a meeting" then chances are I don't ever want to meet you.
It's been over a year since I first saw TheWebSiteIsDown and wanted to remind everyone how perfect is their first video, Sales Guy vs. Web Dude.
Follow me on Twitter @ShaneCorellian
"A long dead soldier looks out from the frame
No one remembers his war; no one remembers his name
Go out to the meadow; scare off all the crows
It does nothing but rain here and nothing will grow"
All products will utilimately die. Period. But, like the death rattle of a man dying of terminal flatulence, some products hang on despite Kevorkian-like measures to invite death. I won't list the obvious candidates (Microsoft Vista, Microsoft Me, etc) but here is a special list of 3 massively hyped-up crap that, never should have made it past the third trimester.
Some say that Oracle's Network Computer (NC) was "before it's time". Ellison foresaw the Cloud. So what? If I offered In-flight movies before the Wright Brothers ever got to North Carolina I wouldn't be "ahead of my time" as much as I'd be psychic carny. Where was the infrastructure to support the NC? Where was the demand (in 1996) for network applications or SaaS? Let's face it, the Network Computer was only ever about Larry Ellison trying steal Gates' thunder. It had nothing to do with fulfilling a need or introducing some excellent content to the consumer. It was only about breaking the Windows "monopoly" which, in my opinion, Microsoft already excels at.
To paraphrase Homer: I've seen some [search engines] that sucked but these sucking sucks were the worst sucks that ever sucked". I had about as much chance of finding anything related to my search using Live.com as I had picking Adam's navel lint. The latter was also much more rewarding. Anyway, I'll hand it to Microsoft, BING doesn't suck nearly as bad as Windows Live Search but it still kinda has that Live stank attached to it. I didn't buy a Samsung Fascinate because it forced Bing as the search engine. (Yes, I know that this has been resolved but still, not even providing an avenue to Google?) I ended up, incidentally, buy a Samsung Galaxy Vibrant.
Tivoli Enterprise Console (T/EC)
OK, before any of my Tivoli friends get all aggro on me, I want to say that my beef is actually with the reliance that T/EC Rules had on Prolog.
I remember a T/EC instructor once told me that the reason IBM stuck with Prolog dependency in T/EC was that only Prolog allowed for the speed needed for processing all the Events that came into T/EC. I call B.S. on that. T/EC rule writers have benefited from the reliance on Prolog only because nobody knows or gives a crap about Prolog anymore. T/EC contracting positions are generally fairly lucrative because the 7 guys that know Prolog have been retired for 20 years.
If done right, T/EC actually kicked ass handling event management and correlation.
OK, I better get back to work. As you were...
follow me on twitter @ShaneCorellian
NOTE: JRE 6 update 23 has a different method of silent installation than update 22.
Regular Java updates can be a tedious chore for sys admins to deal with. Sometimes the updates can conflict with previous versions, or more likely, conflict with applications that were built for previous versions of the JRE.
Let's tackle the easy part; installing Java silently to multiple computers simultaneously. As we do with most of our video examples, we'll be demonstrating the installation with our free product, PDQ Deploy.
Download the updated JRE. We're using 6 update 22 in this example.
The file that you download is a self-contained .exe. Within the exe is the installation MSI. Oracle is continuing this approach. While it is possible to extract the MSI, it's not recommended. There are other actions that the EXE is taking.
Since it's not a native MSI, you won't be able to use the integrated MSI handling withing PDQ Deploy, however you can still pass MSI parameters for the deployment.
We have a video demonstrating the deployment of Java, as well as the method for determining the out-of-the-box parameters, or switches, that you can use to install Java silently and to suppress any required reboot.
Next step: troubleshooting. A user recently experienced the lovely and ever detailed error 1603 when deploying Java 6 update 22 using PDQ Deploy. As has been discussed on this blog, the 1603 error is generic, but it often means that the installation was expecting something that it didn't have access to, often a parameter or switch.
Be sure to use the correct switches. You can get the dialog for approved switches by running the JRE in a command window and entering a
before hitting Enter.
The switches to install JRE 6.22 are
If you're discovering that the installation is failing on some of your systems, be sure to turn on logging. You can do this using the following:
/quiet /norestart /l* c:\windows\temp\JRE-6.22.log
Java can be a beast to deal with sometimes. Our user discovered in their log file two different errors which had a lot of chatter on the Java forums. There were numerous work-arounds, but all of them had quite a bit of work involved. (Welcome to the world of Java.)
If you have questions regarding installing Java, or if you'd like to see video examples of other silent software installations, please let us know.
Follow me on Twitter @ShawnAnderson
Get your free copy of PDQ Deploy today.
Photo by Nina Matthews Photography
I've been a big fan of CRACKED.com for a long time (America's Only Humor & Video Site, Since 1958!) and one of the reasons is their grasp of Science and Tech - read: Nerd stuff. It's clear that the writers have a good understanding of these things that the average person just doesn't have. It's refreshing to see humor that doesn't need to be dumbed down (much.)
So, as a treat for those of you not familiar with CRACKED, here are some of my favorite articles for us computerphiles.
5 Things Hollywood Thinks Computers Can Do
How Xerox Invented the Information Age (and Gave it Away)
6 Insane Foreign Memes That Put Lolcats To Shame
7 Ad Campaigns That Prove Microsoft Was Never Good at This
More Proof the Video Game Industry is Out of Ideas (E3 2010)
Dear Hotmail: What The Hell Happened to You?
5 Reasons It's Still Not Cool to Admit You're a Gamer
This is just a sampling of the some of the funniest ones I've seen recently, there's plenty more where they come from. There are literally hundreds of articles to read. Enjoy!
Our previous post discussed using the Office Customization Tool for Office 2010. Now that you have your custom .msp file, you are ready to remotely deploy Microsoft Office 2010.
Ensure that your customized .msp is in the same directory as your setup.exe. We named ours custom-office.msp.
Step 1 - Choose Install File
Using PDQ Deploy, select your setup.exe by clicking on the elipse button.
Be sure to select the "Include Entire Directory" check box. Next enter your msp information in the "Parameters" box.
Because our .msp contains all of our customizations, including installing silently and entering the license key, we won't need to add any additional parameters.
Go ahead and select next step to choose which target computers receive the installation. You have four options to select target computers:
- Manual hostname entry
- Import a text file
- Active Directory
- Admin Arsenal Collections
To change the account that you will install Office with, select "Next Step", or if you are already logged in with that account, go ahead and select "Deploy".
Your installation will begin. It can take a little while for Office to install, depending upon which features and products you are installing. A full installation can easily take over 30 minutes. Your installation status will be displayed as it updates.
We have a video which demonstrates deploying Microsoft Office 2010 available from our YouTube channel (youtube.adminarsenal.com).
The secret to a successful Office deployment rests in using as many .msp's as your organization needs. Afterall, users have different needs. If they simply won't be using certain products in the Office suite, don't install those products. It can simply add clutter to their program menu.
Also, testing is important, especially if you are upgrading to Office 2010 from Office 2003 (i.e. if you skipped '07). The interface has changed quite abit between versions '03 and '10, so be sure your users are prepared for the change.
If you have any tips on successful deployments of Office, please let us know.
Deploying Microsoft Office 2010 - Customization and Deployment Methods, our newest White Paper, goes deeper into the Office Customization Tool as well as highlighting methods to deploy Office without disrupting users. Download your free copy today!
Follow me on Twitter: @ShawnAnderson
If you haven't noticed TechNet got a complete facelift earlier this year. As a developer for Windows I visit TechNet at least once a week, nearly as often as I visit MSDN, and I think that the changes have been positive. It took me a bit to find out where things had moved, but it seems to be more logically laid out now.
The new TechNet Wiki should end up being a great resource in the future as more and more information gets added by the community. I find that I get nearly as much information from user comments on MSDN programming articles as I do from the article itself, so I'll be keeping my eye on the Wiki in the future.
The other big thing is the Troubleshooting Search, or at least I hope it is. It's sometimes an exercise in frustration while I'm searching for an error message or code as I go through page after page of unhelpful information in Google. I haven't had a chance to put it to the test, but I will as soon as I have an error to track down.
For a good overview of the changes Train Signal Training has an interview with Keith Combs, one of the TechNet program managers. It's nice and short and gives a good rundown. They also have links to other details of what's new.
Photo by Don Hankins
We all know that malware is evil, but like most evil things there are some valid uses for them (that's true, right? Evil things can have uses, even in a Time Bandits sort of way? I thought so.)
Well, in case you don't believe me, here are the top 10 uses for malware that don't require you to be evil.
10. As a little present for the Nigerian 419 scammers when you send them your computer password so they can get your bank account numbers.
9. Any prank involving that guy from sales who keeps making fun of your tradeshow t-shirts.
8. Keyboard logging on your dad's computer so you can see what he typed right before "it broke and I swear I didn't change anything!"
7. Creating an unscheduled downtime emergency to get excused from a boring meeting.
6. Watching for references to computers on Hollywood scriptwriting computers and making the necessary changes so that the plot is somewhat in touch with reality.
5. Infecting the BIOS of your uncle's 12 year old Packard Bell computer so you can finally convince him that it's time to upgrade.
4. Making OS X feel more familiar to Windows users.
3. Showing up that obnoxious jerk at the class reunion by taking over the slide projector and showing Photoshopped pictures of him in his underwear.
2. Shutting down a real estate developer's computers to prevent the destruction of a building housing a rag-tag group of lovable orphans.
1. Defcon groupies.
Follow me on Twitter
Photo by heyjoewhere...
Back in July when I wrote about 5 Things This Procrastinating System Administrator has Learned I was pretty skeptical about the dire need to move to IPv6. I still am, but in the mean time I've been seeing stories about how some companies have been moving in pieces over to IPv6 and seeing how the move is going to eventuate. Everything Sysadmin has a good post on Successful IPv6 Projects which I think does a good job of outlining some strategies.
As I said before, I think that IPv6 was designed to avoid backward compatibility in a misguided strategy to get people to move over wholesale from IPv4. Whether this is true, or if there really are insurmountable technical limitations to backward compatibility, it doesn't change the fact that transitioning is difficult. Very difficult. Because of this, you don't see anyone drinking the whole jug of Kool-Aid and ditching v4 altogether. Instead, what you see are projects that transition to v6 with new devices or networks or with pieces that won't impact existing v4 users.
This is a good strategy because in doing so existing networks need to be upgraded to support the new standard in order to access the upgraded pieces. With a business case made, and a well scoped project defined, then an upgrade of a small piece of the network touches everything and gets the whole network ready to move. Since the real issue with v6 comes in interconnectivity outside of your network (read: Internet) being ready to flip the switch to v6 while still running v4 is really all you can, and need, to do for now.
At some point there are going to be two Internets, one that is v6 only and one that is still v4. There will be a lot of the Internet that can handle both but it can safely be considered the v4 'net. Once there is a critical mass on the v6 only side then any network which can't access it will be left in the dark ages. I still think we're very far away from that point, but now's a good time to start working on getting that little piece upgraded. Look for success stories out there, such as those on the Everything Sysadmin blog, to get some ideas of what pieces you can work on.