Foundations [2 Days]
CSI-300
Foundations of the Native
Windows Application Environment
This component course lays the ground work for understanding how the operating system interacts with natively installed Windows applications. Understanding the way in which applications and the operating system expect to be interacting is critical for engineering applications to successfully run under alternative environments such as application virtualization, compatibility shimming, application streaming and cloud environments. This course first covers the Windows Application Environment of the traditional Win32 core up to Windows XP. Next it covers the many new changes to the native application environment that were made in version 6 of the OS kernel that was released with Windows Vista and is in Windows 7 and Server 2008.
Topics
Fundamentals of Windows Processes
Anatomy of a process, Permissions, Loading DLLs and Other Code, Security Tokens, Sessions.
COM Fundamentals
COM Operations, HKCR, Tracing COM, DLL Loading, Loading Overrides (.LOCAL)
Windows Code Files
Anatomy of EXEs and DLLs, DLL Loading, Editing EXEs.
Processes for Kernel 6 (Win7, Vista, Win2008)
Windows Integrity Mechanism (WIM) Integrity Levels (IL), User Account Control (UAC), Security Manifesting, On The Fly Virtualization, COM and UAC, Disable UAC, Windows Resource Protection (WRP), User Interface Privilege Isolation (UIPI), Win7: Per-User Applications (PUA), Win7: XP Mode
IE Changes for Kernel 6
IE Protected Mode (IEPM), Usage of ILs, Usage of UAC Virtualization
Application Internals
The main ways in whch an application integrates with Windows. Environment variables, App Paths, Shortcuts, Extension Mapping, Shell Extensions, etc.
Labs & Templates:
Procmon filter templates
Tracing COM
Replacing internal UAC manifests
Virtualization: Detecting, Tracing, Cleaning Up
Tools:
Process Explorer (Procexp.exe)
Process Monitor (Procmon.exe)
Explorer Suite EXE Editor
whoami
RegScanner
RegfromApp
AppCompat
AppVerifier
MSI 5 Update [1 Day]
CSI-460 - MSI Packaging Update for Windows 7
This component course brings you up to speed on the new functionality in Windows Installer since XP. There are both challenges and benefits to the new features in these releases. This course outlines how to take advantage of the new features in package authoring. It also discusses the possible impacts on corporate IT software deployment and what steps can be taken during both package authoring and package deployment to ensure software distribution is reliable on Windows 7.
Topics
New for Windows Installer 4.0, 4.5 & 5.0
Overview of all the new functionality added since the 3.1 release in Windows XP SP2. Windows Installer 4.5 interim release is covered as well.
Integrating with Software Distribution
Ensuring that packages run well with software distribution system as well as user self-serve installations.
Package Authoring Best Practice
Package code signing, changes in source files format.
Deploying Packages to Vista / Windows 7
How UAC and MSI Elevated privileges compare, differ and interact. Avoiding UAC problems. Windows 7 Dual Purpose Packages for supporting profile isolated software installs. New AppCompat support for packages.
Managing User Admins
The course discusses the Windows Installer issues that need addressing if you will be eliminating XP user admins when migrating to Windows 7. It also discusses how to configure Windows Installer for maximum control if you will be supporting User Admins for some or all of your end users. Topics include Software Restriction Policies (certificates), Integrated Package Security, Configuration of Pre-4.0 MSI policies and properties that help when managing User-Admins
Managing Custom Actions
When custom actions need to be SDK compliant and when they don't. Custom actions in commercial packages. Special custom action compatibility in Windows 7.
Labs & Templates:
Restart Manager
New MSI Logging Features
Analyzing custom action permissions
Creating system deferred custom actions
Analyzing MSI 4.0, 4.5 and 5.x logs
Tools:
CSI Test Harness Package for Windows Installer 4.5, 4.0 and 5.0 Features
Shell Incept Configuration
Special .ADMX for Group Policy
Log File Analysis and Diagnostics Utility for New Windows 7 Features
Tool To Prevent Packages from Running on Non-Company Machines and When Double-Clicked Without Proper Command Line
