App Portal / App Broker 2017

Release Notes

18 July 2017

Important • If upgrading from a previous version to App Portal 2017, read Upgrading to App Portal 2017 before beginning the upgrade.

Introduction

App Portal enables IT managers to enforce continual software license compliance and control software deployment, while increasing employee satisfaction and the efficiency of application software delivery. The universal enterprise app store ensures that governance is in place to check license availability, obtain proper approvals, and reclaim licenses that are no longer used.

Automated workflow and approvals streamline the process of self-service requests for desktop, mobile, and cloud applications. Integration with Application Readiness and software deployment systems rapidly deliver enterprise software and operating systems to employee's devices, reducing the burden on IT and managing the enterprise application lifecycle from request to reclamation.

AppBroker™ software for ServiceNow® and AppBroker software for BMC leverage asset management data from FlexNet Manager Suite, including product use rights, to ensure proper governance and compliance over the request and installation of software. But with AppBroker, instead of using the App Portal end user interface, employees request software directly in the ServiceNow or BMC MyIT self-service portal.

New Features

This section describes the new features included in App Portal / App Broker 2017.

Enhanced OS Deployment Features
Ability to Submit OS Deployment/Application Migration Requests in ServiceNow Interface
App Portal Integration with BMC MyIT
Support for MobileIron Deployment Server
Ability to Create Campaigns to Automatically Retire or Upgrade Applications Enterprise Wide
Ability to Enable/Disable License Reclamation Policy
Unified Setup for Installation and Upgrade
SAML Support for App Portal Mobile App
Ability for Users to Submit Site Feedback

Enhanced OS Deployment Features

App Portal 2017 includes enhanced OS deployment features that make it easier to configure OS deployment settings, give you more control over the migration of existing applications, and make it possible to install additional applications as part of an OS deployment. Also, the documentation explaining how to create and request OSD task sequence catalog items has been enhanced.

Consolidated OS Deployment Settings
Global Setting to Enable/Disable Application Migration
Ability to Install Additional Applications During Task Sequence Deployment
Ability to Prevent a Catalog Item from Being Included in OS Deployment: Core Application
Enhanced Documentation on Configuring and Requesting OS Task Sequence Catalog Items

Consolidated OS Deployment Settings

In previous releases, OS deployment settings were located in various locations within the App Portal user interface. If you had connections to more than one version of System Center Configuration Manager, you were required to configure OS deployment settings on multiple subtabs of the Site Management > Settings > Deployment view.

In App Portal 2017, all of the OS deployment settings are now consolidated onto a single tab: the new OS Deployment tab of the Site Management > Settings > Deployment view.

OS Deployment Tab

Global Setting to Enable/Disable Application Migration

In previous releases, in order for you to be able to choose to migrate existing applications during OS deployment, you were required to select the Show for Migration / App Detection? option on the General > Global tab of the Catalog Item Properties dialog box for every catalog item that you wanted to make available for migration.

In App Portal 2017, you can enable migration for all catalog items at once by selecting the Enable application migration and installation of additional applications option on the Site Management > Settings > Deployment > OS Deployment tab.

Application Migration/Installation Settings on OS Deployment Settings Tab

If this option is selected, along with the Auto detect installed apps option on the Deployment > Roles tab of the Catalog Item Properties dialog box of the OSD task sequence catalog item, the Choose Existing Applications to Migrate Panel panel of the Checkout Wizard will be displayed during the checkout of that OSD task sequence catalog item.

If you want to give requesters the ability to specify which existing applications to migrate by making selections on the Choose Existing Applications to Migrate panel, select the Enable requester to specify which existing applications to migrate option.

If this option is selected, when the Choose Existing Applications to Migrate panel is displayed, the requester will be able to select which of the applications on the existing computer will be migrated to the target computer.
If this option is not selected, all applications on the existing computer will automatically be selected and the requester will be unable to deselect them.

Ability to Install Additional Applications During Task Sequence Deployment

In App Portal 2017, you can prompt the requester to select additional applications to install during OSD task sequence catalog item deployment. A new panel, entitled Choose Additional Applications Install During OS Deployment, can be displayed in the Checkout Wizard which lists software catalog items that are available for installation on the target operating system.

Choose Additional Applications to Install During OS Deployment Panel / Checkout Wizard

The Choose Additional Applications to Install During an OS Deployment panel appears during an OSD task sequence catalog item checkout if both the Enable application migration and installation of additional applications and Prompt requester to select additional applications to install options are selected on the OS Deployment tab of the Site Management > Settings > Deployment view.

Application Migration/Installation Settings on OS Deployment Settings Tab

Ability to Prevent a Catalog Item from Being Included in OS Deployment: Core Application

Every enterprise has a set of core applications that are included on all corporate images that are created, such as Microsoft Office, Chrome, etc. Because those applications are included in all OS images, there is no reason to ask an individual to select them during check out of an OSD task sequence catalog item.

In App Portal 2017, you can prevent a specific application from being listed on the Choose Existing Applications to Migrate or Additional Applications to Install During OS Deployment panels of the Checkout Wizard by designating it as a core application.

To specify a catalog item as a core application, select the Core application option under Request options on the General > Global tab of the Catalog Item Properties dialog box.

Note • The Core application option only applies to Software catalog items, not General or Task Sequence, or Cloud catalog items.

You can view a list of all catalog items that have been designated core applications on the new Catalog Management > Administration > Core Applications view.

Core Applications View

Enhanced Documentation on Configuring and Requesting OS Task Sequence Catalog Items

In App Portal 2017, the user documentation describing how to configure and request OSD task sequence catalog items has been expanded, and several sections have been added and/or expanded:

Using Task Sequence Catalog Items to Perform OS and Application Deployment—This new section explains how to perform OS deployment by offering task sequence catalog items in the App Portal storefront, and includes sections on configuring OS deployment settings, creating OSD task sequence catalog items, using roles to identify applications to deploy, configuring the migration/installation of applications during OS deployment, using user readiness and constraints to schedule OS deployment, and how to request an OSD task sequence catalog item.
Using App Survey, Clone/Migrate, and Support Tools to Perform Advanced Deployment Tasks—This section explains advanced deployment tasks that you can perform using App Portal that do not involve the checkout of an OSD task sequence catalog item in the App Portal storefront. Topics include using App Survey to identify the installed applications on a source computer so that they can be selected, and then installed, onto a target computer; and using Clone/Migrate to deliver the known application estate from a source computer to a target computer (outside of the realm of task sequence OS deployment).
Checkout Wizard—Expanded reference section that describes all possible panels of the Checkout Wizard, including those displayed only during the checkout of an OSD task sequence catalog item.

Ability to Submit OS Deployment/Application Migration Requests in ServiceNow Interface

In App Broker for ServiceNow 2017, you can now submit a request for OS deployment and/or application migration from within the ServiceNow user interface, using a custom Employee App Provision Request wizard.

Employee App Provision Request Wizard in the ServiceNow

The Employee App Provision Request wizard was designed to automate the provisioning tasks that are required when a new employee joins an organization or an existing employee changes roles. A service catalog request can be submitted from ServiceNow and the entire workflow will be taken care of by App Portal, including creating and importing a new machine, and installing all of the software applications that the employee needs. While the requests are submitted in ServiceNow, the deployment tasks are perform by App Portal using App Broker’s REST API, as described in New Rest API Endpoints for ServiceNow Computer Provisioning.

Using this self-service wizard, the following tasks can be performed:

Add new computer—You can add a new computer to System Center Configuration Manager and provision it with your corporate OS image and applications suitable to the specified user’s role.
Upgrade existing computer—You can upgrade the OS of an existing computer, with the option of adding additional applications. You can also choose to just add additional applications to an existing computer without upgrading the OS.
Perform side-by-side migration—Perform a side-by-side migration of applications from an existing system to a replacement system, which will be imaged with the selected corporate OS.

In other words, using the Employee App Provision Request wizard, a ServiceNow user can submit all of the same types of OS deployment requests that App Portal users are able to.

The Employee App Provision Request wizard consists of the following panels:

User Information and Request Type
Upgrade Operating System
Create New Computer
Select the Target Computer
Select OSD Task Sequence or Select Non-OSD Task Sequence
Role Applications
Application Migration
Choose Existing Applications to Migrate
Choose Additional Applications to Install During OS Deployment
Summary

After you submit a request using this wizard in ServiceNow, you can also view the status of your submitted requests on the Employee App Provision Requests Status view.

Employee App Provision Requests Status

Note • In order for an App Broker / ServiceNow customer to use the Employee App Provision Request wizard, you need to import the Flexera Software update set file (Flexera Software AppBroker 2017 R1 Update Set.xml) into ServiceNow. For instructions, see Integrating App Broker with ServiceNow in the App Portal / App Broker Administration Guide.

New Rest API Endpoints for ServiceNow Computer Provisioning

As described in Ability to Submit OS Deployment/Application Migration Requests in ServiceNow Interface, App Portal’s integration with ServiceNow enables you to use ServiceNow as your front end app store, while App Portal performs the behind-the-scenes fulfillment of OS deployment and application migration software requests.

The following new API endpoints are used to perform this ServiceNow integration regarding computer provisioning:

Getting Additional Applications for OSD Checkout
Getting Applications Associated to User and Machine Based on Conditional Roles
Importing New Computer in System Center Configuration Manager and Associating a User
Returning All Available System Center Configuration Manager Sites
Getting Task Sequence Catalog Items
Getting Status of Task Sequence / OSD Requests
Getting Installed OS Information for a Machine
Getting the Deployment Technology Details for a Machine
Getting the Settings Related to Task Sequences
Getting the Applications That Can Be Migrated
Getting the Roles Applicable to a User
Getting the Machines Associated to a User
Submitting a Task Sequence / OSD Request
Getting Additional Apps for Employee App Provisioning

For more information, see the App Portal / App Broker 2017 Administration Guide.

App Portal Integration with BMC MyIT

App Broker for BMC 2017 includes integration with BMC MyIT, which enables you to use MyIT as your front end app store, while App Portal performs the behind-the-scenes fulfillment of software requests, including automatically reserving licenses.

You can use App Broker for BMC to extend the power of your MyIT service catalog, enable software license governance and on-going optimization, and automate and accelerate the fulfillment of software requests to any device. Using App Broker for BMC enables you to provide your employees with a single service portal for all request types: software, hardware, and other IT services.

App Broker / MyIT Integration Overview

As illustrated in this diagram, the following steps take place when an employee requests software in MyIT.

Employee requests software in MyIT—An employee submits a software request from either the service portal or service catalog interface of MyIT.
MyIT sends request to App Broker—MyIT sends the request to App Broker.
App Broker obtains license information—App Broker obtains license information from FlexNet Manager Suite, which can include performing an advanced license check (considering second use rights, upgrade/downgrade rights, and exceptions).
License and cost information is sent to MyIT—The license information obtained from FlexNet Manager Suite, along with cost information, is displayed in MyIT, where the approver can review the cost that will be incurred and decide whether to approve the request.
Request is sent through approval process, if required—If the requested catalog item requires approval, the request is sent through the MyIT approval process.
License is reserved—If a license is required and the request is approved, App Broker reserves a license.
App Broker deploys software via deployment system—App Broker automatically deploys the software to the specified device using the appropriate deployment system.
Status information displayed in MyIT—The status of the software deployment is displayed in MyIT. During the delivery stage, App Broker continually monitors the status of requests, updates the status in MyIT.

For more information, see Using App Broker for BMC in the App Portal / App Broker 2017 Administration Guide.

Note • For App Broker for BMC’s out-of-the-box workflow to function, you are required to be connected to an instance of FlexNet Manager Suite.

Note • App Portal Enterprise Edition also offers standard out-of-the-box integration with BMC Remedy, but integration is limited to automatically creating or updating BMC Remedy tickets whenever specified actions occur in App Portal (such as when a request is submitted or completed).

Support for MobileIron Deployment Server

In App Portal 2017, you can connect App Portal to a MobileIron server and create catalog items for Apple iOS and Google Android mobile applications. This gives you license compliance, deployment automation, and control.

You specify MobileIron settings on the MobileIron tab of the Site Management > Settings > Deployment view.

Settings > Deployment View / MobileIron Tab

App Portal imports user information from MobileIron. Once connectivity if configured, and also on a daily basis, App Portal will import users that have devices managed by MobileIron. App Portal also imports user-to-device relationship for the devices that are managed by MobileIron.

Ability to Create Campaigns to Automatically Retire or Upgrade Applications Enterprise Wide

In App Portal 2017, you can now create Upgrade and Retire campaigns that will automatically retire a specified application or upgrade it to a newer version throughout your enterprise. You can use this feature in conjunction with the My Apps feature to ensure license compliance.

You configure retire and upgrade campaigns on the new Retire Campaign and Upgrade Campaign views under Compliance Management.

Creating a Retire Campaign

On the Retire Campaign Policies view, you can create a campaign to retire an application that is installed in your enterprise (by clicking Add Discovered Flexera IDs) or an application that could be installed in the future (by clicking Search Flexera ID). When you click Search Flexera ID, you search the FlexNet Manager Suite database of existing applications/versions.

After you add an application to the list on the Retire Campaign Policies view, an individual campaign is created for each application. You then need to click Configure Policy for each application to open the Configure Retire Campaign Policy view.

Configure Retire Campaign Policy View

On this view, select the Enable retire campaign option to enforce the campaign. If you wan to notify the user when the uninstallation of the retired software is complete, select the Notify user option.

How Uninstallation is Triggered in a Retire Campaign

Once a retire campaign is enabled, the uninstallation process will begin. What happens next depends upon the whether or not the application has an uninstall program associated with it in its deployment technology:

With associated uninstall program—If an uninstall program has been associated with this application in its deployment technology, App Portal will send an uninstall request to the deployment technology.
Without associated uninstall program—If an uninstall program has not been associated with this application in its deployment technology, App Portal will submit a request for that machine for a general catalog item named Uninstall, which is available out-of-the-box with App Portal.

Creating an Upgrade Campaign

On the Upgrade Campaign Policies view, you can create a campaign to upgrade an application that is installed in your enterprise (by clicking Add Discovered Flexera IDs) or an application that could be installed in the future (by clicking Search Flexera ID). When you click Search Flexera ID, you search the FlexNet Manager Suite database of existing applications/versions.

Upgrade Campaign Policies View

After you add an application to the list on the Upgrade Campaign Policies view, an individual campaign is created for each application. You then need to click Configure Policy for each application to open the Configure Upgrade Campaign Policy view.

Configure Retire Campaign Policy View

On this view, you first need to search the Applications list and select the application that users will be upgraded to.

Then, select the Enable upgrade campaign option to enforce the campaign. If you wan to notify the user when the software upgrade is complete, select the Notify user option.

Note • When an Upgrade Campaign is enforced, the original application is not automatically uninstalled, unless the installer of the upgraded version automatically uninstalls the older version or if a supersedence relationship has been configured in System Center Configuration Manager.

Ability to Enable/Disable License Reclamation Policy

As in previous releases, in order to specify which applications in your enterprise will be subject to license reclamation (uninstallation), you need to specifically add those applications to the My Apps License Reclamation Policies list, which is opened by selecting Compliance Management > My Apps on the Admin tab.

In App Portal 2017, a new option has been added to the Configure License Reclamation Policy view, Enable License Reclamation Policy, that you gives you the ability to enable or disable an existing license reclamation policy for an application.

Enable License Reclamation Policy Option on Configure License Reclamation Policy View

Unified Setup for Installation and Upgrade

In previous releases, App Portal shipped two installers: one for installing a new instance of App Portal and another to upgrade an existing instance.

App Portal 2017 now provides a unified setup that you can use to both install a new instance of App Portal and upgrade an existing instance. This new App Portal installer supports Microsoft SQL Server 2016 and later, and leaves the custom database object as-is.

SAML Support for App Portal Mobile App

Starting with App Portal 2016, you were able to configure single sign-on authentication for your users using your corporate single sign-on system, but the App Portal mobile interface was not supported.

In App Portal 2017, SAML 2.0 single sign-on authentication is supported when using the App Portal mobile interface. the Site Management > Settings > Single Sign-On view now includes a new Mobile User Interface section, where you can enter SAML 2.0 credentials.

Mobile User Interface Area of Single Sign-On View

Ability for Users to Submit Site Feedback

In App Portal 2017, you can enable a Site Feedback widget for your App Portal site so that users can report feedback or problems. Users are able to select whether they have feedback or are experiencing a problem, and can also specify which site module that their feedback or problem pertains to. They have the option of uploading files to associate with their feedback.

If the site feedback has been enabled for your App Portal site, a Feedback button appears in the lower right corner of all non-admin pages of the App Portal site.

Feedback Button

When a user clicks the Feedback button, a Feedback window opens, prompting them to describe their issue or problem and also giving them the option to upload files.

Feedback Window

When submitting a feedback issue, the user it prompted to Select an App Portal feature (module) that their are experiencing an issue with. App Portal administrators can customize this list.

App Portal administrators can view all submitted feedback on the Site Feedback view, which is opened by selecting Site Management > Communication > Site Feedback.

Site Feedback View

To view the details of an individual feedback issue, click Select. The Feedback Details view opens.

Site Feedback Details View

On the Site Feedback Details view, you can:

View issue text—You can view the text of the feedback issue in the Comments area.
Update status—You can update the Response Status of a feedback issue to one of the following: New, Open, Review, Reject, Needs Clarification, Hold, Backlog, and Close.
Download files—You can download any attached files by clicking on the Download link.
Delete—You can delete a feedback issue by clicking Delete.

Resolved Issues

The following table lists the customer issues that were resolved in App Portal 2017.

Issue

Description

IOJ-1760500

An upgrade to App Portal 2015 R2 SP4 failed, with following error message:

Cannot insert the value NULL into column 'NoteDate', table 'AppPortal.dbo.WD_RequestNotes'; column does not allow nulls.

IOJ-1762802

Request to provide an option in the user interface to stop the server task: Process Computers for My Apps alerts. App Portal adding support for running My Apps as a job; user can now stop and start the scheduled task.

IOJ-1762804

A new option named Enable License Reclamation Policy has been added to enable or disable a previously existing My Apps reclamation process.

IOJ-1767056

Request to add an API method to get ADGUID for user/group.

IOJ-1769665

IOJ-1769666

Request to prevent custom DB tables and views from being deleted during upgrade for App Portal 2015 R2 and App Portal 2016.

IOJ-1770970

For a catalog item with an “include collection” condition on the Visibility tab of the Catalog Item Properties dialog box, the behavior experienced by a non-admin user from a machine which is not included in the collection is as follows: the user receives an error message when attempting to add this catalog item, listed in the Most Popular list, to the cart: This package is not compatible with your Operating System.

IOJ-1773143

For a machine that is candidate for a Compliance (Action) alerts, the My Apps alert process will throw an exception. The exception is thrown both during the alert creation process triggered by the ESD Service as well as when a user visits the My Apps page.

IOJ-1774406

Pressing submit multiple times during checkout results in duplicate requests.

IOJ-1779188

App Portal AirWatch doesn't work with Windows 10 phones, even though the Windows 10 phone has been registered in AirWatch and a user/mobile device relationship can be seen.

IOJ-1781183

When approval workflows are applied to all catalog items and a conditional collection (Altiris Filter) is included in this workflow, if a package request is made for a machine which is outside the collection, the request goes into a pending state instead of being deployed.

IOJ-1781259

If no action alerts are configured, the My Apps tab displays the Software Policy Score and the software inventory for that device. However when an alert action catalog Item is created for one of the software applications installed on the device, the My Apps tab for that device displays nothing, not even the software inventory displayed for the device.

IOJ-1799987

Request for more comprehensive documentation on the App Portal logs and what information is contained within them

IOJ-1802619

When creating a new device for a bare metal OS deployment, the status of the request is not being picked up until a sync is performed.

IOJ-1804337

The documentation for the AddCMTaskSequence API web method does not list the deploymentTechnology value for ConfigMgr.

IOJ-1806299

When searching for packages in a grid, ConfigMgr packages are not found when using column filters if they are not in the top 100 packages in the catalog.

IOJ-1808535

On the Browse Catalog tab, in both list view and card view, the maximum length for a catalog item title is 42 characters. Request to increase the number of characters displayed.

IOJ-1811145

Request for option to be able to exclude ignored devices from My Apps View Devices reports.

IOJ-1811847

Customer is seeing the following exception thrown in the ESDService.log file every time the service is started:

The ConnectionString property has not been initialized (source: tmrEmailQueue_Elapsed)

IOJ-1812201

IOJ-1816810

The App Portal installer creates two scheduled tasks (App Portal - Process Computers for My Apps Alerts and App Portal - Send out My Apps Email Notifications) and both are automatically configured to run as SYSTEM. They should be configured to run using the same user/group as the ESD Service and the SelfService app pool.

IOJ-1812223

Request that all Service Packs should come with installation Instructions,

IOJ-1812555

An error is generated in the ActiveDirectory.log when you add an AD group to the catalog item from the Security Groups tab of the Catalog Item Properties dialog box.

IOJ-1814724

You are unable to change or localize the following message that is displayed when a requester attempts to add a catalog item that has no licenses available to the cart:

PACKAGE_NAME cannot be added to the cart at this time because no license is available. Please contact your administrator.

IOJ-1815287

If a direct link to a catalog item is provided to a user that does not have access to that catalog item’s associated category, that user is still permitted to add the catalog item to the cart.

IOJ-1816831

Alerts for task sequence catalog items are not rendered correctly: HTML tags are displayed as plain text.

IOJ-1818031

The values for masked variables are being displayed on the Variables subtab of the Request Details view on the My Requests tab.

IOJ-1819567

On the Details view of a catalog item on the Browse Catalog tab, the catalog item title is truncated to 42 characters; there is no way to display the full title, and the full title is not displayed when hovering over the truncated title.

IOJ-1826256

If an approver has a very long display name in Active Directory, they are unable to approve requests in App Portal.

IOJ-1826370

On the Report tab, the length of the string exceeds the value set on the maxJsonLength property.

IOJ-1830095

When an order was placed through REST API to App Portal when App Portal was not communicating with FlexNet Manager Suite, the order failed.

Upgrading to App Portal 2017

When upgrading an existing version of App Portal to App Portal 2017, it is very important that you review the following information before you begin the upgrade.

Supported Upgrade Versions
Planning Your Upgrade
Upgrade Notes

Supported Upgrade Versions

You can only upgrade to App Portal 2017 from the following previous versions:

App Portal 2016
App Portal 2015 R2
App Portal 2015
App Portal 2014

To upgrade from one of these supported versions to App Portal 2017, use the App Portal 2017 installer, which can be downloaded from the Flexera Software Product and License Center.

Important • If you want to upgrade an installation of App Portal 2013 R2 or earlier to App Portal 2017, you must first upgrade to 2015 R2 or 2016, and then upgrade to 2017. For assistance, contact a member of the Flexera Software Global Consulting Services team.

Planning Your Upgrade

When performing your upgrade to App Portal 2017, it is recommended that you include the following steps in your upgrade process:

Review the Release Notes—Thoroughly review this document, the App Portal 2017 Release Notes.
Backup your database—Prior to upgrading, you need to back up your existing App Portal database. It will not be backed up automatically by the installer. even if you are performing a “fresh” install on an existing database.
Backup user interface customizations—If you have customized your App Portal user interface, back up this directory of files before performing the upgrade:

[AppPortalInstallationDirectory]\Web\App_Themes\Flexera

Upgrade and test in a lab environment—Before rolling out the App Portal upgrade in production, first upgrade App Portal in a lab environment using a clone or subset of your production data and test it thoroughly to make sure it still operates as per your requirements.
Production rollout—When you are ready to roll out the App Portal upgrade to your production environment, it is recommended that you include the following steps:
a. Backup your existing App Portal database.
b. Take a snapshot of the App Portal server, if possible.
c. Provide downtime notice to your end users.
d. Schedule your service window to allow for adequate testing post-production upgrade.
e. Test your recovery model.

Upgrade Notes

Please note the following regarding upgrading from earlier versions of App Portal:

Upgrading the App Portal Web Service—Upgrading the existing App Portal instance will not upgrade the existing App Portal Web Services application. You need to manually run the AppPortalWebServiceSetup_2017_R1.exe installer on your System Center Configuration Manager machine.
App Portal logo not being displayed after upgrade—If you have a problem loading the App Portal logo (which is the default logo provided by App Portal) after upgrading, then you need to manually change the following AppSetting entry in the WD_AppSettings table from “CompanyLogoURL” to “/esd/Images/ap-logo.jpg”. However, if you are going to be using a custom logo, there is no need to perform this step.
My Apps scheduled tasks now run under Service Account—Starting with App Portal 2017, the My Apps-related scheduled tasks (App Portal - Process Computers for My Apps Alerts and App Portal - Send out My Apps Email Notifications) will run under the Service Account instead of the System Account. However, if you are upgrading from a previous version, you need to manually change the account that those scheduled tasks will run under; the App Portal installer will not makes these changes.
Microsoft .NET Framework 4.6.1—You should make sure that Microsoft .NET Framework 4.6.1 is installed prior to upgrading an existing installation of App Portal. Microsoft .NET Framework 4.6.1 is not bundled with the installer.

System Requirements

This section lists the system requirements for App Portal / App Broker:

Environment Requirements
Client Requirements
Server Requirements
Supported Deployment Technologies
Supported ITSM Systems
Supported Cloud Applications

Environment Requirements

Prior to beginning App Portal / App Broker installation, make sure that your environment meets or is able to meet the following requirements:

Requirement

Description

Active Directory

Microsoft Active Directory is required for App Portal / App Broker. It is fully supported under Windows Server 2008 R2 or later domains operating at all functional levels.

DNS

If you choose Use Reverse DNS as a computer discovery method during App Portal installation, a DNS service is required that supports and contains Reverse DNS Zones.

Database Software

Microsoft SQL Server 2008 R2 or later, including Microsoft SQL Server 2016.

SMTP Compatible Mail System

App Portal / App Broker requires an SMTP-compatible mail system, and supports both local and remote SMTP servers.

Internet Information Server (IIS)

App Portal / App Broker supports the versions of IIS that are installed with Windows Server 2012 or later,

The IIS Application Server and Web Server roles need to be installed.

App Portal / App Broker is installed into a virtual directory named ESD and is accessible using http://alias/ESD.

A DNS A-RECORD must be created to access the site if you wish to use an alias.

Integrated Authentication

App Portal / App Broker uses a user’s current Active Directory credentials to authenticate to IIS/App Portal / App Broker.

Active Directory User Discovery

Active Directory User Discovery must be enabled in System Center Configuration Manager and/or Altiris Client Management Suite for App Portal / App Broker to function properly. Additional Active Directory User Discovery extensions are also required.

Extend the attributes using the Active Directory User Discovery method in the System Center Configuration Manager Console and/or Altiris Management Console. Include the following attributes in addition to the existing ones if performing manually:

mail

department

title

displayName

distinguishedName

manager

company

l (lower case L) (Only enter the letter l!)

postalCode

sn

givenName

physicalDeliveryOfficeName

Important • This is only required if you are using standard discovery from System Center Configuration Manager or Altiris. If you are providing a custom SQL script to perform user and computer discovery, these steps are not required.

Caution • The user discoverable attribute displayName is required to be extended in System Center Configuration Manager and/or Altiris Client Management Suite. This needs to be done before performing the user and computer sync process or the process will fail.

High Speed Connection

The IIS server should be on the same physical network as the database server, and should be connected at a high speed (greater than or equal to 100 MBit).

Client Requirements

The following are the App Portal client requirements:

Requirement

Description

Desktop Operating Systems

Windows 7 or greater
Mac OS X 10.7.x or greater

Note • To deploy software to a device using App Portal / App Broker, the device needs to be managed by Microsoft System Center Configuration Manager, Symantec Altiris, or Casper.

Mobile Operating Systems

Google Android
iOS
Windows Phone

Note • To deploy mobile apps using App Portal / App Broker, the device needs to be registered and managed by AirWatch or MobileIron.

Browser

App Portal / App Broker supports the following browsers:

Microsoft Internet Explorer 9.0 or greaterApp Portal / App Broker requires that the client’s web browser be Internet Explorer 9.0 or greater; however Internet Explorer 10 or 11 or Microsoft Edge are preferred for the best experience.
Firefox, ChromeApp Portal / App Broker also supports Firefox and Chrome browsers; however these browsers do not support Active X and therefore will always discover the computer using the Reverse DNS discovery method.

Note • The fall back to ReverseDNS on these browsers is only done if ActiveX is the primary computer discovery method chosen. If the discovery method is set to SCCM, then App Portal / App Broker will honor that for all browsers.

Trusted Sites

The App Portal / App Broker web site must be added to the trusted sites list for Internet Explorer. For example:

http://APPPORTALSERVER

Important • This is very important.

Server Requirements

The following are the server requirements for the App Portal / App Broker Web Service and the App Portal / App Broker installation platform:

App Portal / App Broker Web Service Server
App Portal / App Broker Installation Platform
Setting Permissions: App Portal Service Account

App Portal / App Broker Web Service Server

The following are the system requirements for the servers where the App Portal / App Broker Web Service is installed:

Requirement

Description

Authentication

Windows Authentication

Microsoft .NET Framework

Microsoft .NET Framework 2.0 SP1 or later is required on all primary sites.

IIS

App Portal / App Broker supports the versions of IIS that are installed with Windows Server 2008 R2 or later.

The IIS Application Server and Web Server roles need to be installed.

ASP.NET

ASP.NET needs to be installed.

The instructions for installing the App Portal / App Broker Web Service depends upon your deployment technology:

For System Center 2012 Configuration Manager and System Center Configuration Manager (Current Branch), the App Portal / App Broker Web Service is only needed at the CAS or Central site.

For System Center 2012 Configuration Manager and System Center Configuration Manager (Current Branch), folders will be created called App Portal Users For Site XXX and App Portal Computers for site XXX.

For System Center 2007 Configuration Manager, the App Portal / App Broker Web Service must be installed on every primary site server in order to service the System Center Configuration Manager clients at that site.

Therefore, you are required to run the AppPortalWebServiceSetup.exe on each primary site, confirming the local server name and System Center Configuration Manager SQL Database of the primary site server. A default System Center Configuration Manager Collection called App Portal Collection for Site XXX will be created on each primary site. This collection will be populated as necessary to service the clients that report to that site.

For System Center 2007 Configuration Manager, an advertisement folder called App Portal Advertisements for Site XXX will be created to contain the advertisements created by App Portal / App Broker.

App Portal / App Broker Installation Platform

The App Portal / App Broker installation platform must meet the following requirements:

Requirement

Description

Authentication

Windows Authentication

Operating System

Windows Server 2012 or later

IIS

App Portal / App Broker supports the versions of IIS that are installed with Windows Server 2012 or later.

The IIS Application Server and Web Server roles need to be installed.

Microsoft .NET Framework

Microsoft .NET Framework 4.6.1 or later

ASP.NET

ASP.NET needs to be installed.

Setting Permissions: App Portal Service Account

App Portal requires that you identify an account (App Portal service account) to use for the interaction with SQL and Active Directory. The App Portal service account will require administrative permissions on the client workstations if you wish App Portal to successfully run machine policy evaluation for accelerated software deployments and rerunning advertisements as necessary.

The service account must have Read permission on the Microsoft System Center Configuration Manager or Altiris Client Management database in SQL and Read/Write permission on the App Portal database that gets created during the installation process. The Installer Account will attempt to provision the Service Account with DB_DataReader permissions to the SCCM database and DBO permissions to the App Portal database.

Supported Deployment Technologies

App Portal / App Broker 2017 supports the following deployment technologies for software distribution:

Microsoft System Center Configuration Manager (Current Branch 1702)
Microsoft System Center 2012 Configuration Manager
Microsoft System Center 2007 Configuration Manager
Altiris Client Management Suite 7.1 or later
AirWatch 9.1.2.4 (for mobile application deployment)
JAMF Casper Suite 9.6.4
MobileIron 9.2

Note • App Portal supports JAMF Casper Suite 9.6.4 on premises version; the cloud version is not supported. Inventory can be collected from Macintosh computers running OS X 10.7.x or later.

The purpose of App Portal / App Broker’s support for multiple deployment technologies is to enable you to:

Provide a seamless end user experience while you are upgrading from older versions of System Center Configuration Manager to System Center Configuration Manager (Current Branch).
Present a single instance to your users even if your organization uses both System Center Configuration Manager and Altiris deployment technologies across your enterprise.
Provide your users with a universal app store containing both desktop and mobile applications.

You enter the deployment technology connection settings by opening the Deployment tab on the Site Management > Settings view, and then entering the settings on the ConfigMgr, SCCM 2012, SCCM 2007, Altiris, AirWatch, MobileIron, or Casper subtabs.

Site Management > Site Settings > Deployment Tab

App Portal / App Broker can only be connected to multiple servers of the same type if they are set up in a hierarchical relationship, with only the “main” site’s connection information entered on the Site Management >Settings > Deployment tab. The following table describes the acceptable hierarchical relationships for the three deployment technologies:

Technology

Description

System Center Configuration Manager (Current Branch)

System Center 2012 Configuration Manager

Single Primary Site OR Central Administration Site > Child Primary Sites

For System Center Configuration Manager (Current Branch) or System Center 2012 Configuration Manager, App Portal / App Broker only communicates with one site: either a Single Primary Site or a Central Administration Site (which in turn replicates data to all Child Primary Sites).

System Center 2007 Configuration Manager

Central Site > Child Primary Sites

App Portal / App Broker supports multiple System Center 2007 Configuration Manager Child Primary Sites; however, they need to be in the same hierarchy of the Central Site that is configured in System Center 2007 Configuration Manager.

Altiris Client Management Suite 7.1 or later

Single Primary Site OR Central Site > Child Primary Sites

For Altiris. App Portal / App Broker only communicates with one site: either a Single Primary Site or a Central Site (which in turn replicates data to all Child Primary Sites).

Important • App Portal / App Broker does not support connecting to multiple, disconnected deployment servers that are using the same deployment technology and version.

Note • When using System Center Configuration Manager, Microsoft .NET Framework 4.6.1 is required to be installed on the IIS server in order to run the App Portal / App Broker service and web site. This is not required when using Altiris Client Management Suite.

Supported ITSM Systems

Both App Portal and App Broker include out-of-the-box support for integrating with ITSM systems.

App Portal

App Portal 2017 provides support for the following ITSM systems:

ServiceNow
BMC Remedy IT Service Management Suite

When App Portal’s ServiceNow or BMC integration is set up, whenever specified actions occur in App Portal (such as when a request is submitted), tickets in the attached ITSM system can be automatically opened or closed, or the status of a ticket can be reported on.

Note • If you would like to integrate with an ITSM system other than ServiceNow or BMC Remedy, you can use App Portal’s reusable framework to connect to and configure integration to that system.

App Broker Software for ServiceNow

With App Broker Software for ServiceNow 2017, you can publish App Portal catalog items in the ServiceNow catalog. This enables ServiceNow users to request software directly in the ServiceNow self-service portal, with App Portal performing the license check and automated deployment. Using App Broker Software for ServiceNow, you can also submit a request for OS deployment and/or application migration from within the ServiceNow user interface, using a custom Employee App Provision Request wizard.

Important • To use App Broker Software for ServiceNow, you must have a ServiceNow MID Server that has access to the App Portal / App Broker REST APIs.

Important • In order for the out-of-the-box App Broker Software for ServiceNow workflow to function, you must have also purchased FlexNet Manager Suite and connected it to App Portal.

App Broker Software for BMC

With App Broker Software for BMC 2017, you can use MyIT as your front end app store, while App Portal performs the behind-the-scenes fulfillment of software requests, including automatically reserving licenses. Using App Broker Software for BMC enables you to provide your employees with a single service portal for all request types: software, hardware, and other IT services.

Important • In order for the out-of-the-box App Broker for BMC workflow to function, you must have also purchased FlexNet Manager Suite and connected it to App Portal.

Supported Cloud Applications

App Portal / App Broker 2017 provides out-of-the-box support for the following cloud applications:

Box
Salesforce
Microsoft Office 365

You can also manually create a connection to another cloud application system (such as DropBox, WebEx, GotoMeeting, Concur, etc.) so that you can create catalog items for that system.

If you connect App Portal / App Broker to one of these cloud applications, App Portal / App Broker can offer a catalog item that will automatically create an account for the requester in that cloud application.

Legal Information

Copyright Notice

Copyright © 2017 Flexera Software LLC. All Rights Reserved.

This publication contains proprietary and confidential information and creative works owned by Flexera Software LLC and its licensors, if any. Any use, copying, publication, distribution, display, modification, or transmission of such publication in whole or in part in any form or by any means without the prior express written permission of Flexera Software LLC is strictly prohibited. Except where expressly provided by Flexera Software LLC in writing, possession of this publication shall not be construed to confer any license or rights under any Flexera Software LLC intellectual property rights, whether by estoppel, implication, or otherwise.

All copies of the technology and related information, if allowed by Flexera Software LLC, must display this notice of copyright and ownership in full.

Intellectual Property

For a list of trademarks and patents that are owned by Flexera Software, see http://www.flexerasoftware.com/intellectual-property. All other brand and product names mentioned in Flexera Software products, product documentation, and marketing materials are the trademarks and registered trademarks of their respective owners.

Restricted Rights Legend

The Software is commercial computer software. If the user or licensee of the Software is an agency, department, or other entity of the United States Government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Software, or any related documentation of any kind, including technical data and manuals, is restricted by a license agreement or by the terms of this Agreement in accordance with Federal Acquisition Regulation 12.212 for civilian purposes and Defense Federal Acquisition Regulation Supplement 227.7202 for military purposes. The Software was developed fully at private expense. All other use is prohibited.