App Portal / App Broker 2018 R1
Release Notes
October 2018
Important • If upgrading from a previous version to App Portal / App Broker 2018 R1, read Upgrading to App Portal 2018 R1 before beginning the upgrade. In addition, because App Portal 2017 R2 no longer supports System Center Configuration Manager 2007, if you are still planning on using System Center Configuration Manager 2007, it is recommended that you remain on App Portal 2017 R1 or earlier.
Introduction
App Portal enables IT managers to enforce continual software license compliance and control software deployment, while increasing employee satisfaction and the efficiency of application software delivery. The universal enterprise app store ensures that governance is in place to check license availability, obtain proper approvals, and reclaim licenses that are no longer used.
Automated workflow and approvals streamline the process of self-service requests for desktop, mobile, and cloud applications. Integration with Application Readiness and software deployment systems rapidly deliver enterprise software and operating systems to employee's devices, reducing the burden on IT and managing the enterprise application lifecycle from request to reclamation.
AppBroker™ software for ServiceNow® and AppBroker software for BMC leverage asset management data from FlexNet Manager Suite, including product use rights, to ensure proper governance and compliance over the request and installation of software. But with AppBroker, instead of using the App Portal end user interface, employees request software directly in the ServiceNow or BMC MyIT self-service portal.
New Features
This section describes the new features included in App Portal / App Broker 2018 R1.
| • | Software Reclamation Dashboard |
| • | Support for Campaign-Level Exclusions/Inclusions |
Software Reclamation Dashboard
App Portal’s Software Reclamation dashboard is now the Home page of App Portal if you have permissions to view it. The Software Reclamation dashboard provides tiles and graphs to give you an overview of the progress and status of your software reclamation policies. The tiles at the top of the dashboard display the total reclamation savings over a specified time frame, and also displays the percentage of successful, pending, and failed reclamations in that same time frame. Six graphs are also provided on the dashboard that give granular reclamation details with functionality to further customize the views by picking different time frames and with the use of interactive graph legends that let you remove any legend values from the graph. With all of this information and functionality readily available, you will be able to more closely monitor your software reclamation efforts, helping to drive continual software license reclamation and optimization.
Software Reclamation Dashboard tiles at the top of dashboard
The following sections provide additional information about the Software Reclamation dashboard.
| • | Graphs Included on the Software Reclamation Dashboard—Describes the following graphs: |
| • | Software Reclamation Savings |
| • | Top Software Titles by Reclamation Savings |
| • | Top Software Titles Reclaimed |
| • | Top Software Titles by Reclamation Status |
| • | Software Reclamation Status |
| • | Reclamation Response Breakdown for Top Software Titles |
| • | Dashboard Customization Options—Provides the following customization details: |
| • | Choosing Time Frame for Graph Data |
| • | Selecting Graph Export, Annotate, and Print Options |
| • | Clicking Interactive Graph Legends |
| • | Setting Thresholds for the Reclamation Dashboard Tiles |
| • | Assigning Permissions to Dashboards |
Note • For complete information about the Software Reclamation dashboard, refer to the “Software Reclamation Dashboard” topic in the App Portal / App Broker Administration Guide.
Graphs Included on the Software Reclamation Dashboard
The following graphs are also provided on the Software Reclamation dashboard below the overview tiles.
| • | Software Reclamation Savings |
| • | Top Software Titles by Reclamation Savings |
| • | Top Software Titles Reclaimed |
| • | Top Software Titles by Reclamation Status |
| • | Software Reclamation Status |
| • | Reclamation Response Breakdown for Top Software Titles |
The Software Reclamation Savings dashboard displays reclamation savings over the specified time frame. Each bar represents the total savings earned for that time frame, with the total cost displayed on the top of each bar. Hovering over any bar provides an enhanced view of the reclamation savings for the specified time frame.
Software Reclamation Savings
For information about graph customization details, see the Dashboard Customization Options section for details about:
| • | Choosing Time Frame for Graph Data |
| • | Selecting Graph Export, Annotate, and Print Options |
| • | Clicking Interactive Graph Legends |
| • | Setting Thresholds for the Reclamation Dashboard Tiles |
| • | Assigning Permissions to Dashboards |
Top Software Titles by Reclamation Savings
This graph displays the software titles that have generated the most reclamation savings over a specified time frame. Each bar represents the total number of savings earned for that time slot, with the total cost displayed at the far right of each horizontal bar. Hovering over the bar also displays the reclamation savings and application details.
Top Software Titles by Reclamation Savings
For information about graph customization details, see the Dashboard Customization Options section for details about:
| • | Choosing Time Frame for Graph Data |
| • | Selecting Graph Export, Annotate, and Print Options |
| • | Clicking Interactive Graph Legends |
| • | Setting Thresholds for the Reclamation Dashboard Tiles |
| • | Assigning Permissions to Dashboards |
This graph displays the software titles that have been reclaimed over the specified time frame.
Each bar represents the total number of successfully reclaimed software for that time slot, with the total number displayed on the top of each bar. Each bar is divided by colors with each color representing individual software titles. When hovering over a color, the name of the software title is displayed along with the version and the reclaimed count for that duration.
Top Software Titles Reclaimed
For information about graph customization details, see the Dashboard Customization Options section for details about:
| • | Choosing Time Frame for Graph Data |
| • | Selecting Graph Export, Annotate, and Print Options |
| • | Clicking Interactive Graph Legends |
| • | Setting Thresholds for the Reclamation Dashboard Tiles |
| • | Assigning Permissions to Dashboards |
Top Software Titles by Reclamation Status
This graph displays the top software titles that have been processed for reclamation over the specified time frame. Each bar is divided into statuses: Failure in red, Pending in yellow and Success in green. Hovering over the color provides the name and version of the software title and the Failure/Pending/Success status count in that duration. At the end of the horizontal bar, the total number of requests placed for the software title is displayed.
Top Software Titles by Reclamation Status
For information about graph customization details, see the Dashboard Customization Options section for details about:
| • | Choosing Time Frame for Graph Data |
| • | Selecting Graph Export, Annotate, and Print Options |
| • | Clicking Interactive Graph Legends |
| • | Setting Thresholds for the Reclamation Dashboard Tiles |
| • | Assigning Permissions to Dashboards |
This graph displays the total software reclamation requests that have been placed over the specified time frame, and then groups them by Failed/Pending/Success status.
Each bar on the graph represents the total number of software requests placed over the time frame shown, with the total number of requests displayed on the top of each bar. Each bar is divided by colors according to the status of the software request. Hovering over a color on a bar displays the number of reclamation requests for that status and time frame.
Software Reclamation Status
For information about graph customization details, see the Dashboard Customization Options section for details about:
| • | Choosing Time Frame for Graph Data |
| • | Selecting Graph Export, Annotate, and Print Options |
| • | Clicking Interactive Graph Legends |
| • | Setting Thresholds for the Reclamation Dashboard Tiles |
| • | Assigning Permissions to Dashboards |
Reclamation Response Breakdown for Top Software Titles
This graph displays the software titles reclamation response breakdown for software titles over a specified time frame and groups the results by reclamation response (Keep, Not Responded, User Uninstall, and System Uninstall).
Each bar represents individual software titles sorted by maximum alerts generated. Each color represents the different responses (Keep, Not Responded, User Uninstall, and System Uninstall) taken by a user or system administrator. Hovering over the color displays the name and version of the software along with number of the type of actions taken for the selected time frame. At the end of the horizontal bar, the total number of alerts generated for the respective software is displayed.
Reclamation Response Breakdown for Top Software Titles
For information about graph customization details, see the following section, Dashboard Customization Options.
Dashboard Customization Options
The dashboard provides the following customization options:
| • | Choosing Time Frame for Graph Data |
| • | Selecting Graph Export, Annotate, and Print Options |
| • | Clicking Interactive Graph Legends |
| • | Setting Thresholds for the Reclamation Dashboard Tiles |
| • | Assigning Permissions to Dashboards |
Choosing Time Frame for Graph Data
The default date selected in the Select Time Frame drop-down list is Last 12 months. The time frame that is selected or specified is used for all graphs on the Software Reclamation dashboard. There are two ways you can specify a different time frame.
| • | Choose a time frame from the Select Time Frame drop-down list and click Apply. |
| • | Specify a custom time frame in the Start Date and End date fields and click Apply. |
Note • The last selected date control will be stored in browser storage. When you log in again, all Software Reclamation dashboard graphs will be rendered based on those stored dates.
Selecting Graph Export, Annotate, and Print Options
Each of three graphs on the Software Reclamation dashboard contain additional options. Click the down arrow at the top right of any graph to choose a graph option.
The following options are provided:
| • | Download—Downloads the graph as PNG, JPG, SVG, or PDF. |
| • | Save as—Saves the graph data as CSV, XSLX, or JSON. |
| • | Annotate—Lets you add notes to the graph. After you click Annotate and add notes to the graph, the drop-down list of options adds a Cancel option that gives you a way to erase annotations. |
| • | Print—Prints the graph. |
| • | Export All Data (Excel)—Exports data for all the software titles for the selected time frame (i.e., not only data for the of titles shown in the graph but data for all titles). |
Note • The Export All Data (Excel) option is provided for the following graphs only: Top Software Titles by Reclamation Savings, Top Software Titles by Reclamation Status, Reclamation Response Breakdown for Top Software Titles.
Clicking Interactive Graph Legends
Many graphs on the Software Reclamation dashboard contain legends at the right of the graph that provide a key for the colors used in the graph. These legends are interactive. You can click any legend value to remove it from the graph. Clicking a deselected legend value adds it back to the graph.
For example, the following shows the Software Reclamation Status graph with all legend values included.
All legend values included in graph
Clicking the red Failure legend status grays out that status in the legend and removes all red sections of the bars in the graph.
Failure status deselected in the legend and removed from graph
Setting Thresholds for the Reclamation Dashboard Tiles
You can set thresholds for successful, pending, and failed reclamations for the tiles on the dashboard. To do so, go to the Admin tab, open the Site Management > Settings > Web Site view and click the Dashboard tab. Under Threshold settings (under the Software Reclamation - Dashboard Settings section), enter the percentage of the total number of reclamations that need to be reached in the following categories before that category’s card changes color in the Software Reclamation dashboard:
| • | Successful reclamations—Displays in green if threshold is met; otherwise displays in yellow. |
| • | Pending reclamations —Displays in yellow if threshold is met; otherwise displays in gray. |
| • | Failed reclamations—Displays in red if threshold is met; otherwise displays in gray. |
Assigning Permissions to Dashboards
Any user who has View permission for the Reporting/Dashboard (provided under Admin-> Catalog Security -> Reporting/ Dashboard) sees the Software Reclamation dashboard as the default landing page when logging in to App Portal. Previously, the Browse Catalog page was the default landing page for App Portal. Alternately, you can access all dashboards by clicking the Dashboard tab in the main menu.
For more information, refer to the following topics in the App Portal / App Broker Administration Guide.
| • | “Assigning Permission to View the Dashboard Tab” |
| • | “Assigning Permission to View the Report Subtabs on the Dashboard Tab” |
Support for Campaign-Level Exclusions/Inclusions
App Portal / App Broker 2018 R1 adds flexibility in defining user and device exclusions at the campaign level for all the campaign types—namely License Reclamation, Retire, and Upgrade campaigns.
Companies commonly search for ways to reduce enterprise-wide IT costs. One popular method to accomplish cost reduction is by implementing IT process automation. App Portal / App Broker supports the company goal to automate IT processes; however, prior to this release, the My Apps campaign policy did not allow for support of individual campaign level exclusions or inclusions configurations respectively. This greatly limited the potential value of the automation provided by the campaign since the global list applies to each campaign level as well and was not flexible enough to address the exclusion needs of each individual campaign. No longer. Now, with this addition in App Portal / App Broker 2018 R1, you can now define an exclusion list per campaign.
Each campaign supports an exclusion/inclusion list which applies only to that campaign. This list can have users, devices or combination of it. If a user is listed and user is excluded as part of condition then, any device which is associated to that user will not be processed. In the event a device is listed and it is excluded then, device will not be processed, regardless of the associated user. Adding user and device exclusions per campaign provides the following benefits:
| • | Companies can define enterprise-level and campaign-level exclusions to provide more flexibility in exclusion definitions. |
| • | Companies can target campaign actions more granularly, such as with a software upgrade or removal. |
When creating a new campaign, user and device exclusion/inclusion can be defined which will apply only to that campaign. Furthermore, any existing global exclusions is also considered. An administrator can view cumulative exclusions for any campaign, and can see whether the exclusion is campaign-specific or a global exclusion.
The administrator can also change exclusions for existing campaigns from the campaign item. During campaign execution, both the global and campaign-specific exclusions are considered. An existing global setting, Ignore include enforcement if any excluded, that is available under Site Management > Settings > Web Site > Catalog Behavior determines whether inclusion or exclusion takes precedence. By default this setting is disabled which indicates inclusion takes precedence.
App Portal takes a cumulative approach for checking the eligibility for a given device as shown following.
| • | When no global level views found and no campaign level exclusions are found, then all devices which have that particular ARL are processed. |
| • | If no global views are found, then campaign level conditions decide the eligibility for processing alerts. |
| • | If no campaign-level conditions are found, then global views decide the eligibility for processing alerts. |
| • | If the device found is included in global views and inclusion takes precedence, then App Portal will not evaluate campaign-level conditions and the device is then processed for alerts. |
| • | If the device found is excluded in global views and exclusion takes precedence, then App Portal does not evaluate campaign-level conditions and the device is not processed for alerts. |
| • | When there is a conflict (for example, if a device is excluded in global views but included at campaign-level exclu sion, or visa-versa) then a global check box determines the eligibility for the device. |
For related information about campaign-level exclusions/inclusions, refer to the following subsections:
| • | Associated User Interface Changes |
| • | New Campaign Exclusion/Inclusion API End Points |
Associated User Interface Changes
The support campaign-level inclusions/exclusions results in the following enhancements to the App Portal user interface.
| • | Exclusion Conditions Column Added to Multiple Screens |
| • | Exclusion Campaign Conditions Pop-Ups |
| • | New Column added to Devices List (for all Campaigns) |
| • | Evaluating condition for <application name> on <device> Pop-Up |
Exclusion Conditions Column Added to Multiple Screens
An Exclusion Conditions column has been added to the following screens:
| • | My Apps License Reclamation Policies |
| • | Retire Campaign Policies |
| • | Upgrade Campaign Policies |
The Exclusion Conditions column works similarly on all of the above screens with the only difference being with respect to the campaign policy screen it is on. The following example shows the My Apps License Reclamation Policies.
Example of Exclusion Conditions Column on My Apps License Reclamation Policies
After you add an application to the My Apps License Reclamation Policies list, which means that the application is targeted for reclamation, you can view and edit a list of all license reclamation campaign conditions which have been sent out for this application by clicking the Edit link in the Exclusion Conditions column for that application. You can also delete existing campaign conditions by clicking the Delete link under the Exclusion Conditions column. If no campaign conditions exists, you will not see an Edit or Delete link but instead see an Add link. You can add a new campaign condition by clicking this Add link.
Exclusion Conditions Column Added
For more information about the addition of the Exclusion Conditions column, refer to the following topics in the App Portal / App Broker Administration Guide:
| • | “My Apps License Reclamation Policies” |
| • | “Retire Campaign Policies” |
| • | “Upgrade Campaign Policies” |
Exclusion Campaign Conditions Pop-Ups
The following new campaign condition pop-ups have been added:
| • | License Reclamation Campaign Conditions |
| • | Retire Campaign Conditions |
| • | Upgrade Campaign Conditions |
The pop-ups works similarly for all three campaign types with the only difference being with respect to the campaign policy it pops up on. The following example shows the pop-up with respect to the My Apps License Reclamation Policies.
Example of Exclusion Campaign Pop-Up on My Apps License Reclamation Policies
For each application, campaign-level conditions can be configured by adding one or combination of these conditions: AD Group/OU Group, AD Property, and Collections (based on User Collection and Device Collection, respectively). This conditions configuration determines the device for which the reclamation is to be processed.
License Reclamation Campaign Conditions pop-up
The fields are described:
|
Property/Tabs |
Description |
|
Group and OU, AD Property, and Collections tabs |
Use to create conditions—based on Active Directory Groups or OUs, Active Directory properties, and collections—that will force the MyApps process to evaluate user/device eligibility to process reclamation. |
|
Add Condition |
If you click Add Condition on the Group and OU, AD Property, or Collections subtabs of the License Reclamation Campaign Conditions dialog box the Add Condition dialog box opens. For more information see the “Add Condition Dialog Box” topic of the App Portal / App Broker Administration Guide. |
|
Remove Condition |
Select the checkbox of a condition and then click Remove Condition to remove that condition from the campaign. |
|
Save |
Saves the current pop-up settings. |
|
Apply to OU and child OUs |
Select this check box to apply this condition to all of the OU’s child OUs. If this option is not selected, this condition is not applied to the selected OU’s child OUs. |
For more information about the addition of the campaign conditions pop-ups, refer to the following topics in the App Portal / App Broker Administration Guide:
| • | “License Reclamation Campaign Conditions” |
| • | “Retire Campaign Conditions” |
| • | “Upgrade Campaign Conditions” |
New Column added to Devices List (for all Campaigns)
The Processed, Uninstalled, and ‘Is eligible for Alerts?’ columns have been added to the Devices list for all Campaigns (MyApps, Retire Campaign, and Upgrade Campaign. The Devices view lists all devices where the selected application is currently installed. You open the Devices view by clicking View (under the Targeted Devices) on the Upgrade Campaign Policies view.
This example shows the Devices view for upgrade campaigns.
Devices View for Upgrade Campaign
The following table describes the new columns:
|
Column |
Description |
|
Processed |
Indicates whether the device is already processed or not. |
|
Uninstalled |
Indicates whether the particular software is uninstalled from the device or not. This value depends on the Processed column: if the device is already processed then the value of this column will be either True or False. Otherwise it will not be applicable. |
|
Is eligible for Alerts? |
Provides a link with Yes/No values and indicates whether the device is eligible for processing the alerts or not based on the conditions defined for that campaign. Clicking this link opens an Evaluating condition for <application name> on <device> Pop-Up. |
Evaluating condition for <application name> on <device> Pop-Up
Clicking the Yes or No link under the ‘Is eligible for Alerts?’ column on any campaign Devices list opens an Evaluating condition for <application name> on <device> pop-up with detailed information about eligibility.
Evaluation Conditions
New Campaign Exclusion/Inclusion API End Points
In App Portal / App Broker 2018 R1, REST API endpoints have been added to support the new campaign exclusion/inclusion feature. You can use these new endpoints to add and/or edit and retrieve the standard conditions for all three types of campaigns: license reclamation, retire campaigns, and upgrade campaigns. For detailed information, see the “Retrieving the Standard Conditions for License Reclamation and Retire/Upgrade Campaigns” topic in the “App Broker REST API Reference” chapter of the App Portal / App Broker Administration Guide.
Important Information
End-of-Life Support for System Center Configuration Manager 2007 as of App Portal 2017 R2
Reminder: Because end-of-life support for System Center Configuration Manager 2007 (SCCM 2007) has been reached, App Portal 2017 R2 removed support for System Center Configuration Manager 2007. As a result of this change:
| • | App Portal Administrators and end users will no longer see references to System Center Configuration Manager 2007. All references have been removed from the App Portal interface. For example, When you select Settings under Site Management on the Admin tab, you will notice that the Deployment > SCCM 2007 subtab has been removed. |
| • | All APIs that were exposed for System Center Configuration Manager 2007 have been removed. |
Important • If you are still planning on using System Center Configuration Manager 2007, it is recommended that you remain on App Portal 2017 R1 or earlier.
Resolved Issues
The following table lists the customer issues that were resolved in App Portal / App Broker 2018 R1:
|
Issue |
Description |
|
IOJ-1891582 |
Basic Authentication throws Authorization has been denied for this request. |
|
IOJ-1890179 |
User Log files are going to a normal log files location when having multiple forests. |
|
IOJ-1889715 |
Majority of WD_UserComputerMap table has NULL for user IDs. Impacting Production. |
|
IOJ-1888407 |
Deadlocks in production environment. |
|
IOJ-1888037 |
Repeated Retire Campaigns are not uninstalling. |
|
IOJ-1887163 |
Error deleting inactive user computer maps. |
|
IOJ-1885691 |
During In Place Migration of ROB scenario the Choose Existing Application screen does not appear. |
|
IOJ-1883732 |
Status not updated when application has multiple deployment types. |
|
IOJ-1883130 |
Security groups not completely processed. |
|
IOJ-1882613 |
My Apps process does not finish processing all machines. |
|
IOJ-1882163 |
Automatic reclamation request failing when limit request on behalf of target is set. |
|
IOJ-1880515 |
App Portal upgrader fails to upgrade the MyApps folder. |
|
IOJ-1879515 |
Alerts which are regenerated after the "threshold" period are not displayed under My Current Alerts. |
|
IOJ-1878932 |
Not able to view detailed status for packages/task sequences. |
|
IOJ-1878440 |
SSL Security error when running App Portal 2017 R2 SP1 install. |
|
IOJ-1876815 |
Using a template to create catalog items sets the CatalogCost to NULL. |
|
IOJ-1874274 |
Multiple remedy tickets are created when device cannot be inserted into collection. |
|
IOJ-1873799 |
Allow option to point My Apps Unused SW alert to a "specific" catalog item for uninstall. |
|
IOJ-1872100 |
Device not removed from static group when canceling request. |
|
IOJ-1868506 |
CIs associated with FUID cannot be opened if FNMS is down or under a heavy load. |
|
IOJ-1864850 |
Request details view does not get displayed after upgrade. |
|
IOJ-1864843 |
Devices are not removed from collection on Successful install when language is not English. |
|
IOJ-1861762 |
NULL value in Catalog cost causes Error in Clone Migrate Compare. |
|
IOJ-1858820 |
Problems implementing SAML in Customer Environment. |
|
IOJ-1857577 |
My Apps Page does not display strings for English locale. |
|
IOJ-1857012 |
Get Machines List calls are failing Intermittently. |
|
IOJ-1856668 |
Datasync.log not getting updated to specified larger file size. |
|
IOJ-1855787 |
My Apps process completely stops with an exception when a machine with a null user mapping is encountered. |
|
IOJ-1854184 |
UpdateCatalogImage method does not update the icon if that icon name already exists. |
|
IOJ-1854166 |
App Portal's ignoring the My Apps include/exclude views when processing alerts. |
|
IOJ-1841169 |
App Portal upgrader should have an option to deselect the validation. |
|
IOJ-1836040 |
Deadlocks in customer environment impacting production. |
|
IOJ-1812007 |
Allow for security groups to use the CN or samaccountname as normal functionality. |
|
IOJ-1774761 |
SLB Security Test - Missing Cross-Frame Scripting Defense. |
|
IOJ-1774760 |
SLB Security Test - Missing "X-Content-Type-Options" header. |
|
IOJ-1770684 |
Mandatory advertisement setting is not being set for applications. |
|
IOJ-1740978 |
"Add to group on request / approval" fails when AD Group is on Child Domain. |
|
IOJ-1887016 |
AECOM: Can't get RejectRequest API to work. |
|
IOJ-1804366 |
Request for Data Sync to consider duplicate Users and Computers. |
|
IOJ-1840332 |
Orders taking a long time to process. |
|
IOJ-1767440 |
Update custom computer sync to include new IPAddress and OperatingSystem fields. |
|
IOJ-1881028 |
GetFNMPCustomViewWithMultipleFilters method throwing exceptions. |
|
IOJ-1877346 |
Datasync is not deleting UC mappings that don't meet the custom UC map query. |
|
IOJ-1879711 |
Collation Conflict in ExecuteGetAllUsersByUniqueName method. |
|
IOJ-1849258 |
Server error 500 when making REST API call, when saving settings. |
Upgrading to App Portal 2018 R1
When upgrading an existing version of App Portal to App Portal 2018 R1, it is very important that you review the following information before you begin the upgrade.
| • | Supported Upgrade Versions |
| • | Planning Your Upgrade |
| • | Upgrade Notes |
You can only upgrade to App Portal / App Broker 2018 R1 from the following previous versions:
| • | App Portal 2017 R2 |
| • | App Portal 2017 |
| • | App Portal 2016 |
| • | App Portal 2015 R2 |
| • | App Portal 2015 |
| • | App Portal 2014 |
To upgrade from one of these supported versions to App Portal 2018 R1, use the App Portal 2018 R1 installer, which can be downloaded from the Flexera Software Product and License Center.
When performing your upgrade to App Portal 2018 R1, it is recommended that you include the following steps in your upgrade process:
| • | Review the Release Notes—Thoroughly review this document, the App Portal 2018 R1 Release Notes. |
| • | Backup your database—Prior to upgrading, you need to back up your existing App Portal database. It will not be backed up automatically by the installer. even if you are performing a “fresh” install on an existing database. |
| • | Backup user interface customizations—If you have customized your App Portal user interface, back up this directory of files before performing the upgrade: |
[AppPortalInstallationDirectory]\Web\App_Themes\Flexera
| • | Upgrade and test in a lab environment—Before rolling out the App Portal upgrade in production, first upgrade App Portal in a lab environment using a clone or subset of your production data and test it thoroughly to make sure it still operates as per your requirements. |
| • | Production rollout—When you are ready to roll out the App Portal upgrade to your production environment, it is recommended that you include the following steps: |
| a. | Backup your existing App Portal database. |
| b. | Take a snapshot of the App Portal server, if possible. |
| c. | Provide downtime notice to your end users. |
| d. | Schedule your service window to allow for adequate testing post-production upgrade. |
| e. | Test your recovery model. |
Please note the following regarding upgrading from earlier versions of App Portal:
| • | Upgrading the App Portal Web Service—Upgrading the existing App Portal instance will not upgrade the existing App Portal Web Services application. You need to manually run the AppPortalWebServiceSetup_2018_R1.exe installer on your System Center Configuration Manager machine. |
| • | App Portal logo not being displayed after upgrade—If you have a problem loading the App Portal logo (which is the default logo provided by App Portal) after upgrading, then you need to manually change the following AppSetting entry in the WD_AppSettings table from “CompanyLogoURL” to “/esd/Images/ap-logo.jpg”. However, if you are going to be using a custom logo, there is no need to perform this step. |
| • | My Apps scheduled tasks now run under Service Account—Starting with App Portal 2017, the My Apps-related scheduled tasks (App Portal - Process Computers for My Apps Alerts and App Portal - Send out My Apps Email Notifications) will run under the Service Account instead of the System Account. However, if you are upgrading from a previous version, you need to manually change the account that those scheduled tasks will run under; the App Portal installer will not makes these changes. |
| • | Microsoft .NET Framework 4.6.1—You should make sure that Microsoft .NET Framework 4.6.1 is installed prior to upgrading an existing installation of App Portal. Microsoft .NET Framework 4.6.1 is not bundled with the installer. |
System Requirements
This section lists the system requirements for App Portal / App Broker:
| • | Environment Requirements |
| • | Client Requirements |
| • | Server Requirements |
| • | Supported Deployment Technologies |
| • | Supported ITSM Systems |
| • | Supported Cloud Applications |
Environment Requirements
Prior to beginning App Portal / App Broker installation, make sure that your environment meets or is able to meet the following requirements:
|
Requirement |
Description |
|||
|
Microsoft Active Directory is required for App Portal / App Broker. It is fully supported under Windows Server 2008 R2 or later domains operating at all functional levels. |
||||
|
DNS |
If you choose Use Reverse DNS as a computer discovery method during App Portal installation, a DNS service is required that supports and contains Reverse DNS Zones. |
|||
|
Database Software |
Microsoft SQL Server 2012 or later, including Microsoft SQL Server 2016.
|
|||
|
SMTP Compatible Mail System |
App Portal / App Broker requires an SMTP-compatible mail system, and supports both local and remote SMTP servers. |
|||
|
App Portal / App Broker supports the versions of IIS that are installed with Windows Server 2012 or later, The IIS Application Server and Web Server roles need to be installed. App Portal / App Broker is installed into a virtual directory named ESD and is accessible using http://alias/ESD. A DNS A-RECORD must be created to access the site if you wish to use an alias. |
||||
|
Integrated Authentication |
App Portal / App Broker uses a user’s current Active Directory credentials to authenticate to IIS/App Portal / App Broker. |
|||
|
Active Directory User Discovery must be enabled in System Center Configuration Manager and/or Altiris Client Management Suite for App Portal / App Broker to function properly. Additional Active Directory User Discovery extensions are also required. Extend the attributes using the Active Directory User Discovery method in the System Center Configuration Manager Console and/or Altiris Management Console. Include the following attributes in addition to the existing ones if performing manually: department title displayName distinguishedName manager company l (lower case L) (Only enter the letter l!) postalCode sn givenName physicalDeliveryOfficeName Important • This is only required if you are using standard discovery from System Center Configuration Manager or Altiris. If you are providing a custom SQL script to perform user and computer discovery, these steps are not required. Caution • The user discoverable attribute displayName is required to be extended in System Center Configuration Manager and/or Altiris Client Management Suite. This needs to be done before performing the user and computer sync process or the process will fail. |
||||
|
High Speed Connection |
The IIS server should be on the same physical network as the database server, and should be connected at a high speed (greater than or equal to 100 MBit). |
Client Requirements
The following are the App Portal client requirements:
|
Requirement |
Description |
|||||||||
|
Desktop Operating Systems |
Note • To deploy software to a device using App Portal / App Broker, the device needs to be managed by Microsoft System Center Configuration Manager, Symantec Altiris, or Casper. |
|||||||||
|
Mobile Operating Systems |
Note • To deploy mobile apps using App Portal / App Broker, the device needs to be registered and managed by AirWatch or MobileIron. |
|||||||||
|
Browser |
App Portal / App Broker supports the following browsers:
Note • The fall back to ReverseDNS on these browsers is only done if ActiveX is the primary computer discovery method chosen. If the discovery method is set to SCCM, then App Portal / App Broker will honor that for all browsers. |
|||||||||
|
Trusted Sites |
The App Portal / App Broker web site must be added to the trusted sites list for Internet Explorer. For example: http://APPPORTALSERVER Important • This is very important. |
Server Requirements
The following are the server requirements for the App Portal / App Broker Web Service and the App Portal / App Broker installation platform:
| • | App Portal / App Broker Web Service Server |
| • | App Portal / App Broker Installation Platform |
| • | Setting Permissions: App Portal Service Account |
App Portal / App Broker Web Service Server
The following are the system requirements for the servers where the App Portal / App Broker Web Service is installed:
|
Requirement |
Description |
|
Authentication |
Windows Authentication |
|
Microsoft .NET Framework |
Microsoft .NET Framework 2.0 SP1 or later is required on all primary sites. |
|
IIS |
App Portal / App Broker supports the versions of IIS that are installed with Windows Server 2008 R2 or later. The IIS Application Server and Web Server roles need to be installed. |
|
ASP.NET |
ASP.NET needs to be installed. |
The instructions for installing the App Portal / App Broker Web Service depends upon your deployment technology:
| • | For System Center 2012 Configuration Manager and System Center Configuration Manager (Current Branch), the App Portal / App Broker Web Service is only needed at the CAS or Central site. |
For System Center 2012 Configuration Manager and System Center Configuration Manager (Current Branch), folders will be created called App Portal Users For Site XXX and App Portal Computers for site XXX.
App Portal / App Broker Installation Platform
The App Portal / App Broker installation platform must meet the following requirements:
|
Requirement |
Description |
|
Authentication |
Windows Authentication |
|
Operating System |
Windows Server 2012 or later |
|
IIS |
App Portal / App Broker supports the versions of IIS that are installed with Windows Server 2012 or later. The IIS Application Server and Web Server roles need to be installed. |
|
Microsoft .NET Framework |
Microsoft .NET Framework 4.6.1 or later |
|
ASP.NET |
ASP.NET needs to be installed. |
Setting Permissions: App Portal Service Account
App Portal requires that you identify an account (App Portal service account) to use for the interaction with SQL and Active Directory. The App Portal service account will require administrative permissions on the client workstations if you wish App Portal to successfully run machine policy evaluation for accelerated software deployments and rerunning advertisements as necessary.
The service account must have Read permission on the Microsoft System Center Configuration Manager or Altiris Client Management database in SQL and Read/Write permission on the App Portal database that gets created during the installation process. The Installer Account will attempt to provision the Service Account with DB_DataReader permissions to the SCCM database and DBO permissions to the App Portal database.
Supported Deployment Technologies
App Portal / App Broker 2018 R1 supports the following deployment technologies for software distribution:
| • | Microsoft System Center Configuration Manager (Current Branch) |
| • | Microsoft System Center 2012 Configuration Manager |
| • | Altiris Client Management Suite 7.1 or later |
| • | AirWatch 9.1.2.4 (for mobile application deployment) |
| • | JAMF Casper Suite 9.6.4 |
| • | MobileIron 9.2 |
Note • App Portal supports JAMF Casper Suite 9.6.4 on premises version; the cloud version is not supported. Inventory can be collected from Macintosh computers running OS X 10.7.x or later.
The purpose of App Portal / App Broker’s support for multiple deployment technologies is to enable you to:
| • | Provide a seamless end user experience while you are upgrading from older versions of System Center Configuration Manager to System Center Configuration Manager (Current Branch). |
| • | Present a single instance to your users even if your organization uses both System Center Configuration Manager and Altiris deployment technologies across your enterprise. |
| • | Provide your users with a universal app store containing both desktop and mobile applications. |
You enter the deployment technology connection settings by opening the Deployment tab on the Site Management > Settings view, and then entering the settings on the ConfigMgr, SCCM 2012, Altiris, AirWatch, MobileIron, or Casper subtabs.
Site Management > Settings > Deployment Tab
App Portal / App Broker can only be connected to multiple servers of the same type if they are set up in a hierarchical relationship, with only the “main” site’s connection information entered on the Site Management >Settings > Deployment tab. The following table describes the acceptable hierarchical relationships for the three deployment technologies:
|
Technology |
Description |
|
System Center Configuration Manager (Current Branch) System Center 2012 Configuration Manager |
Single Primary Site OR Central Administration Site > Child Primary Sites For System Center Configuration Manager (Current Branch) or System Center 2012 Configuration Manager, App Portal / App Broker only communicates with one site: either a Single Primary Site or a Central Administration Site (which in turn replicates data to all Child Primary Sites). |
|
Altiris Client Management Suite 7.1 or later |
Single Primary Site OR Central Site > Child Primary Sites For Altiris. App Portal / App Broker only communicates with one site: either a Single Primary Site or a Central Site (which in turn replicates data to all Child Primary Sites). |
Important • App Portal / App Broker does not support connecting to multiple, disconnected deployment servers that are using the same deployment technology and version.
Note • When using System Center Configuration Manager, Microsoft .NET Framework 4.6.1 is required to be installed on the IIS server in order to run the App Portal / App Broker service and web site. This is not required when using Altiris Client Management Suite.
Supported ITSM Systems
Both App Portal and App Broker include out-of-the-box support for integrating with ITSM systems.
App Portal
App Portal 2018 R1 provides support for the following ITSM systems:
| • | ServiceNow (versions: Kingston and London) |
| • | BMC Remedy IT Service Management Suite |
When App Portal’s ServiceNow or BMC integration is set up, whenever specified actions occur in App Portal (such as when a request is submitted), tickets in the attached ITSM system can be automatically opened or closed, or the status of a ticket can be reported on.
Note • If you would like to integrate with an ITSM system other than ServiceNow or BMC Remedy, you can use App Portal’s reusable framework to connect to and configure integration to that system.
App Broker Software for ServiceNow
With App Broker Software for ServiceNow 2018 R1, you can publish App Portal catalog items in the ServiceNow catalog. This enables ServiceNow users to request software directly in the ServiceNow self-service portal, with App Portal performing the license check and automated deployment. Using App Broker Software for ServiceNow, you can also submit a request for OS deployment and/or application migration from within the ServiceNow user interface, using a custom Employee App Provision Request wizard.
Important • To use App Broker Software for ServiceNow, you must have a ServiceNow MID Server that has access to the App Portal / App Broker REST APIs.
Important • In order for the out-of-the-box App Broker Software for ServiceNow workflow to function, you must have also purchased FlexNet Manager Suite and connected it to App Portal.
App Broker Software for BMC
With App Broker Software for BMC 2017, you can use MyIT as your front end app store, while App Portal performs the behind-the-scenes fulfillment of software requests, including automatically reserving licenses. Using App Broker Software for BMC enables you to provide your employees with a single service portal for all request types: software, hardware, and other IT services.
Important • In order for the out-of-the-box App Broker for BMC workflow to function, you must have also purchased FlexNet Manager Suite and connected it to App Portal.
Supported Cloud Applications
App Portal / App Broker 2018 R1 provides out-of-the-box support for the following cloud applications:
| • | Box |
| • | Salesforce |
| • | Microsoft Office 365 |
You can also manually create a connection to another cloud application system (such as DropBox, WebEx, GotoMeeting, Concur, etc.) so that you can create catalog items for that system.
If you connect App Portal / App Broker to one of these cloud applications, App Portal / App Broker can offer a catalog item that will automatically create an account for the requester in that cloud application.
Legal Information
Copyright Notice
Copyright © 2018 Flexera.
This publication contains proprietary and confidential information and creative works owned by Flexera Software LLC and its licensors, if any. Any use, copying, publication, distribution, display, modification, or transmission of such publication in whole or in part in any form or by any means without the prior express written permission of Flexera Software LLC is strictly prohibited. Except where expressly provided by Flexera Software LLC in writing, possession of this publication shall not be construed to confer any license or rights under any Flexera Software LLC intellectual property rights, whether by estoppel, implication, or otherwise.
All copies of the technology and related information, if allowed by Flexera Software LLC, must display this notice of copyright and ownership in full.
Intellectual Property
For a list of trademarks and patents that are owned by Flexera Software, see http://www.flexerasoftware.com/intellectual-property. All other brand and product names mentioned in Flexera Software products, product documentation, and marketing materials are the trademarks and registered trademarks of their respective owners.
Restricted Rights Legend
The Software is commercial computer software. If the user or licensee of the Software is an agency, department, or other entity of the United States Government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Software, or any related documentation of any kind, including technical data and manuals, is restricted by a license agreement or by the terms of this Agreement in accordance with Federal Acquisition Regulation 12.212 for civilian purposes and Defense Federal Acquisition Regulation Supplement 227.7202 for military purposes. The Software was developed fully at private expense. All other use is prohibited.