Many large enterprises use Microsoft’s Application Virtualization product, App-V, to distribute applications throughout their organization. They do this because they want to isolate the core of the applications from differences in computers and other applications installed, plus they want to pre-configure many of the features prior to deployment. The ubiquitous Adobe Reader application has long been a prime candidate to deploy through App-V, although in the past there were technical issues as Adobe increased the built-in security of the product and these security changes conflicted with App-Vs own efforts to secure the assets. But this is no longer the case, Adobe Reader DC and App-V 5.1 work great together.
Just to be clear, I am talking about the free Adobe Acrobat Reader DC, not other versions. Certain aspects of Adobe Acrobat DC Std and Pro can be challenging for virtualization. Specifically portions of Std and Pro, like the print driver, are still a challenge to virtualize but can be overcome with ingenuity.
Adobe has gotten pretty good at deployment options lately. It would be nice if more software vendors supported the IT Professionals that are responsible for preparing to roll out their software with tooling beyond the MSI command line options the way Adobe does. And they have been doing a great job of working with the App-V team at Microsoft, so there aren’t any significant issues in sequencing Acrobat Reader DC. Here is everything you need to know to do it yourself in four steps.
1. Get a Distribution Agreement from Adobe
If you want to distribute Reader, or a handful of other Adobe products, inside your company you need to apply for a distribution agreement. This is a pretty simple process. You fill in a web form and a short while later you get an email back. But in addition to making you legal, the email also gets you access to the full downloadable installers rather than the ones that download from the internet. You want to download those full installers so that you have full reproduction capabilities and documentation.
2. Get the Customization Wizard for Adobe Reader DC
The Acrobat Customization Wizard DC makes it easy to customize the Reader installer up front, before you try to install the software. Even if you aren’t going to virtualize the product with App-V, it is well worth the effort to customize the installer before you distribute. Just be sure to get the copy for the version of Reader that you intend to sequence.
3. Customize the Installer
I prefer to start the process on a clean machine, which makes the App-V Sequencer VM a convenient place. We’ll revert the machine before sequencing so it is OK to dirty it.
The documentation explains that you should start by unpacking the exe based installer they supply to get at the MSI files inside. The instructions didn’t work for me, so here is what I did. [Note: The documentation has been updated to correct this.] I downloaded a copy of 7zip and installed that on the sequencer (you could also use any other tool that can crack open an exe installer). Open the file and extract the contents out into a folder on the desktop.
You will find both an msi, the installer for the major version, and a msp patch installer. The latter changes on the minor updates. We will use the Customization tool to work just with the MSI and create a MST transform file that can be applied.
When you use the Customization Wizard tool, it might give you a warning about backing up your files. Create a new folder and copy the MSI file into that folder. Using the Customization Wizard tool, open up the original msi file and ignore the warning.
On the left hand side is a menu for customization areas. Clicking on one will scroll the documentation window to the appropriate page. Some pretty good detail is there to explain things, so I’ll just cover the things you most likely want to change.
Personalization Options
Installation Options
Here you may want some changes:
I prefer to make the software the default reader.
I also want to uncheck the Enable Optimization feature as I don’t want defragmentation occurring on the sequencer.
I use to let the installer cache in the package for possible self-repair, but since App-V 5 won’t let executable components be written to, you are better off unchecking that box.
I set the Run Installation setting to Unattended, but that is a personal choice. Reboots shouldn’t be needed for Reader DC during the actual installation if the sequencer image is clean, but should it be needed you want to be prompted. In App-V 5, it is OK to reboot during the sequence.
Skip the Server Location page unless you know that you need to add something here.
Security
Setting up the security options is really important at some companies, while others will just skip this page. Read the documentation for details.
Digital Signature
If you skipped over the Security page, skip over the Digital Signature** **page also.
WebMail Profiles
I’m sure some customers care about the WebMail Profiles, but suspect that those customers are using the Pro version. If you don’t know why you want to make a change here, move on.
Online Service and Features
On the Online Service and Features page, we run into features that some enterprises do not want.
Self-updating is not supported in App-V 5.1, so you always want to disable the product updates. When you need the updates, you upgrade the App-V package and redistribute. Reader DC has a windows service used for the update, so uncheck the Disable product updates (1, below).
Item 2 on the display is probably more related to security. I’m willing to trust Adobe, but check with your CSO.
The idea behind DC version is that you can do a lot more than just read PDFs. But all of those other things are online, cloud based services. And someone has to pay for them. The Pro version includes all of them, but users can purchase a subscription to just what they need, like PDF to Word“>convert a PDF to Word, rather than purchase the whole suite. For many enterprises I talk to, they want to control these features.
Disable
Comments and Forms
Remember
File Attachments
Launch Office Applications
Other Settings
Direct Editor
The Direct Editor page allows you to directly edit the MSI tables. You probably don’t need to.
I’m sure there are a bunch of other things you can do to tweak the installed package further, but this covers the basics. When you are happy, it is time to save off.
There are two ways to save off your work. Use the second way (File menu).
The second method is to use the File menu and save in the same folder as the MSI also. This creates an mst file with the same name as the msi, plus it also edits the setup.ini file, so you won’t have to remember the syntax to run the msi with the msp and mst on a single command line.
Save off this folder as your customized installer. You’ll want to pop it up to a network share as you’ll then revert the sequencer.
4. Sequencing
The Sequencing is pretty straight forward at this point! Between pre-customizing the installer, and the great work done between the Adobe and App-V development teams, we don’t have issues today.
You don’t need to PVAD the installer. Just run the setup.exe without arguments when in monitoring mode and your administrative install will complete without further input, using your MST file and the msp patch installer. I suppose you could clean out the cached installer or restrict the package to certain operating systems, but otherwise no special settings or edits should be necessary, just save off the package.
Caveats and Options
The Application Capabilities feature of the installer requires publishing globally, but you can probably live with hard coding of Reader DC as the default for pdfs.
To get the benefits of browser integration, the browser must run in the virtual environment. Without this, when the user clicks on a PDF on a web page, Reader DC will open as a separate application and window to display the PDF; with this the PDF displays inside the browser window using the COM interface connected via browser plugin. Use of App-Vs Connection Groups and/or RunVirtual is recommended to achieve this tight integration.
