Windows Vista Deployment Planning - Part 3
In Windows Vista Client Build and Deployment Process, I presented the diagram that I use when scoping deployment projects, so in this post I'll continue discussing the process in more detail - previous posts have covered Infrastructure Prerequisites and Client requirements. In part 3 of this series, I will consider Application Compatibility.
Before starting down the application compatibility testing and remediation route, it is worth considering where the application compatibility issues will arise. From experience this usually falls into two distinct areas that Windows Vista introduces - security enhancements and operating system changes and innovations.
The following new security enhancement features in Windows Vista may cause compatibility issues with applications:
- User Account Control provides a method of separating standard user privileges and tasks from those that require administrator access. UAC increases security by improving the computer experience for users running standard user accounts. Users can now perform more tasks and enjoy higher application compatibility without the need to log on to their client computers with administrative-level privileges. This helps reduce the affect of malware, unauthorised software installation, and unapproved system changes. UAC can introduce problems in applications that are not compliant with this technology enhancement. For this reason, it is important to test applications with UAC enabled before you deploy them. For more information about application compatibility testing, see the BDD Application Compatibility Feature Team Guide.
- Windows Resource Protection is a new feature in Windows Vista that helps safeguard system files and protected registry locations to help improve the overall security and stability of the operating system. Most applications that previously accessed or modified these locations are automatically redirected to temporary locations, which they can then use to continue to operate without issues. However, applications that require full access to these protected areas and cannot handle the automatic redirection process will not operate properly with Windows Vista. In these cases, the applications must be modified so that they function as intended.
- Protected Mode is a new feature of Microsoft Internet Explorer 7 that helps to protect computers running Windows Vista from the installation of malware and other harmful software by running the browser with lower, more secure rights. When Internet Explorer is in Protected Mode, the browser can only interact with very specific areas of the file system and registry. Although Protected Mode helps maintain the integrity of client computers running Windows Vista, it can affect the operation of older Internet and intranet Web applications. Such Web applications may need to be modified to run them in a more restrictive Internet Explorer 7 environment.
The following operating system changes and innovations in Windows Vista may cause compatibility issues with applications:
- Application programming interfaces (APIs) expose layers of the Windows Vista operating system differently than in previous versions of Windows. Antivirus and firewall software are examples of applications that rely on these new APIs to properly monitor and safeguard Windows Vista. Applications that perform these functions need to be upgraded to versions that are compatible with Windows Vista.
- 16-bit applications and 32-bit drivers are not supported in the Windows Vista 64-bit environment. Automatic registry and system file redirection is not available for the 64-bit environment. For these reasons, new 64-bit applications must comply with the full Windows Vista application standards.
- Many older applications check for specific versions of Windows. When third-party applications cannot detect a specific operating system version, many of them stop responding.
The Windows Vista Developer Story: Application Compatibility Cookbook on MSDN provides additional information about the security enhancements and operating system changes and innovations in Windows Vista. The cookbook also provides test approaches and possible remedies for many of the compatibility issues that may be encountered.
Now that we have considered the main areas where application compatibility issues arise, we can consider how the application compatibility testing and remediation will fit into our project process.
Applications Compatibility Testing
The ability to create standardised MSI packages, the introduction of packaging procedures, and a central application database, are the building blocks for many of the new features that can be enabled as part of a Windows Vista deployment project. They also serve other initiatives such as active patching and asset management. In most cases companies will adopt an industry standard, centralised packaging system at the very least.
If this is the case, I recommend using the Microsoft Application Compatibility Toolkit (ACT) 5.0 to aid in the application migration onto the Windows Vista platform. ACT provides a platform to carry out discovery and remediation work and tends to be used by application owners and developers. ACT makes it easier to introduction testing and remediation within a current packaging process.
With ACT in use, the remediation effort should be folded in as part of a packaging workflow. The way that this tends to work is that on entering the packaging workflow, applications are evaluated against known issues using ACT. This will give an early view of applications that will need further investigation, or those that have standard fixes already documented. Additional information on ACT 5.0 can be found in Microsoft TechNet
Changes to an operating system, whether it be a minor change such as a service pack update or as major change such as a migration to a new version requires a significant amount of planning in terms of application remediation. The level of application remediation for these changes is often underestimated due to a lack of pertinent or accurate information. I often advise clients to analyse the entire application portfolio to determining the effort required to ensure the applications will operate correctly when run on Windows Vista.
Application remediation can then fall into a number of areas, from simple shims that enable the application to run without change on Windows Vista to complete re-design and re-writing of an application by in-house developers of the software vendor responsible for the application.
There are also additional Microsoft technologies that can be used to address application compatibility issues that might take some time to fully resolve. These technologies are designed to help migrate to Windows Vista, and continue to run business critical applications that are not compatible with Windows Vista. These technologies include the following:
- Virtual PC 2007 can be used to run applications on Windows Vista that only work properly with older versions of Windows. Virtual PC lets users keep a previous version of Windows available to run non-compatible applications within their Windows Vista environment until upgraded versions of non-compatible applications are developed.
- Terminal Services for hosting applications provides hosting and delivery of Windows-based applications, or the Windows desktop itself, to virtually any computing device on the network. Windows Vista clients can connect to these application-hosting environments through Remote Desktop to access older applications.
- Virtual Server for hosting applications allows the hosting of legacy applications and allows remote connectivity from end users who need access to those applications. In conjunction with Windows Server 2003, Virtual Server 2005 R2 provides a virtualisation platform that runs most major x86 operating systems in a guest environment, and is supported by Microsoft as a host for Windows Server operating systems and Microsoft Windows Server System applications.
- Microsoft SoftGrid is an application virtualisation solution that delivers applications that are never installed, yet securely follow users anywhere, on demand. SoftGrid is comprised of the SoftGrid platform, an engine that turns applications into centrally managed virtual services that are delivered on-demand.
Applications Delivery and Installation
An application delivery and installation mechanism that I tend to favour uses a tiered application delivery process. I tend to recommend four tier levels that can be used to categorise applications.
The first tier (Tier 1) are applications that are included as part of the core image.
I then consider the other applications to be non-core lines of business applications falling into the other three tiers (tier 2, 3 or 4) which will not be included as part of the core build image. These Line of business applications are catagorised into the remaining three tiers as follows:
- Tier 2 Applications – Applications that are delivered via the web browser
- Tier 3 Applications – Applications that are delivered via SMS or another management platform
- Tier 4 Applications – Applications that are exceptions
Tier 4 usually contains legacy line of business applications that cannot be delivered to users via the browser and will not run under Windows Vista. These will need to be managed as exceptions. The management of exceptions should be ongoing and non-compliant software must be considered for redesign, terminal server use, SoftGrid delivery, Virtual PC/Server delivery or retirement.
The diagram below shows the conceptual design for application delivery based on the four tier idea.
2007 Office System
Although rolling out 2007 Office System as part of a Windows Vista deployment project is common in the customers I work with, there are some things to consider. Although not directly tied to application compatibility, there is a link because many companies use Office as the core of their productivity tool set and because of changed in 2007 Office System, there will be compatibility and remediation work to carry out. Some of this compatibility and remediation work will be technical issues (file formats and extensibility of 2007 Office System) while others are based around user education.
For 2007 Office System inclusion in a Windows Vista deployment project, you should consider:
- The 2007 Office System has a completely new user interface for Word, Excel and PowerPoint applications with the traditional menu bar being replaced by the “ribbon”. The redesign makes the whole user experience more intuitive, graphical and contextualised by completely rationalising the interface. In addition, there are new features available within the clients such as the new Smart Art graphical features that users of previous versions will not be familiar with. The Office 2007 client has the potential to be a valuable tool in business optimisation and personal productivity.
- The Office 2007 file format is a departure from the binary format in previous versions of Office and is based upon XML technologies. Although this provides a number of benefits, an initiative to manage the conversion to the new File Format is required. Patches are available for previous versions of Office (Office 2000 and above) that will provide a level of flexibility in that all users will be able to view and edit documents saved in the new file format from older versions of Office.
- In terms of co-existence, users will need to understand what capabilities are tied to the new Office 2007 client, for example, Smart Art functionality cannot be modified within Office 2000. Therefore extra consideration will need to be taken into account when authoring content with regard to who is potentially going to modify or update the documents once they have been distributed. Also, for documents that are to be made available externally, they may need to be saved in the old binary format in order for others to be able to contribute and collaborate on the content.
- Office 2007 clients are fully extensible and Visual Studio Tools for Office (VSTO) provides a mechanism for such customisation and extensibility. One of the main areas of customisation will involve the new Ribbon. The customisation of the Ribbon is based on a declarative model, using XML supported by an object model to develop against. This approach simplifies development and allows for more rapid extensions of the core clients. This allows for the creation of tabs, customisation of built-in tabs, additions to the File Menu, additions to the contextual tabs and the possible removal of tabs, groups and controls. Third party vendors who integrate into the Office 2007 client will can carry out their integrations as extensions to the ribbon interface.
The following are freely available tools that are useful in application compatibility testing processes.