# Apptimized Platform Admin Manual # Prerequisites and firewall rules The following prerequisites apply for Apptimized Platform: 1. Browsers: - Google Chrome with version 75.0 and above - Mozilla Firefox with version 60.0 and above - Apple Safari with version 12.0 and above - Microsoft Edge with version 83 and above 2. Enabled Java-script in browser 3. Endpoint PC or VM with access to the 80 and 443 port of app.apptimized.com host 4. Firewall white list:
**Component** **Description**
https://app.apptimized.com/ Address for access to Apptimized Portal
wss://rdp-gw-v2.apptimized.com Address for working with RDP connections in Apptimized Portal Granting permissions to communicate via WebSocket SSL protocol is needed
https://auth.apptimized.com/Address for single sign-on
https://admin.apptimized.com/Address for manage organization configurations
https://apptimizedportalshare.file.core.windows.net
Address for download files from Apptimized Portal
https://screenshots.api.apptimized.technology Address for screenshots storage
https://docs.apptimized.com/ Address for Apptimized user documentation
\*.chatlio.com Address for access to support chat widget
\*.swarm.apptimized.com Address for Apptimized Portal virtualization service. Granting privileges on wildcards subdomains is needed. Granting permissions to connect via RDP protocol is needed
The standard account credentials for Apptimized Platform on Apptimized VMs are:
**Login****Password**
apptimizedapptimized
administratorapptimized
#### #### Requirements and limitations for Apptimized Whitelabeling The following requirements need to be met for custom domain Whitelabeling configuration:
**Component****Description**
CNAMERecord created with customer's DNS provider using the following configuration: CNAME %subdomain%.%customerdomain%.%TLD% = *apptimized-portal.azurewebsites.net* Example: *CNAME apps.greatcompany.com = apptimized-portal.azurewebsites.net*
TXTRecord created with customer's DNS provider using the following configuration: TXT = verification code = %customerdomain%.%TLD% Example: *TXT=7D86E8C065D4002DA1DC8E74C921D1EDAFA = greatcompany.com*
SSL certificateCertificate in a form of PFX file + password combined into a PWD file.
Domain addressAddress for custom Apptimized Portal whitelabeling.
DNS hostName of Domain Name Server host.
Domain for mail sendingAddress for email sending configuration.
The prerequisites need to be provided to Apptimized staff or delivery managers in order to proceed with the configurational process. #### Requirements and limitations for Apptimized Connectors ##### SCCM Connector The following prerequisites apply for SCCM connector: - Endpoint PC or VM with access to the 443 port of app.apptimized.com host; - Endpoint membership in Active Directory domain; - Microsoft Windows Desktop (Windows 7 and above) or Server OS (Windows Server 2012 R2 and above) with installed .NET Framework 4.6.1; - Write permissions for network share with packages source media for automatic media transfer; - Administrator role for SCCM or permissions to create applications, deployment types, and deployments; - Installed [SCCM Administrator Console](https://docs.microsoft.com/en-us/mem/configmgr/core/servers/deploy/install/install-consoles) with a connection to the [SCCM server](https://docs.apptimized.com/books/apptimized-platform-admin-manual/page/integration#bkmrk-1.5.-apptimized-sccm). ##### Intune Connector The following prerequisites apply for Intune connector: - Microsoft Azure account with the active subscription; - Application administrator, Application developer, Cloud application administrator roles or permissions to manage applications in Azure Active Directory; - Access to [Azure Active Directory tenant.](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-create-new-tenant) ##### ServiceNow Connector The following prerequisites apply for ServiceNow connector: - ServiceNow instance; - System administrator role for ServiceNow or permissions to create tables & web service configuration; ##### Azure VDI Connector - Standard Microsoft Azure public cloud with subscription and tenant. - Access to standard Microsoft Azure Virtual machines (not WVD). - Access to [Azure Active Directory tenant](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-create-new-tenant). ##### Apptimized TO GO Connector The following prerequisites apply for Apptimized TO GO connector: 1. Speed of internet connections – min 50 Mb/s. 2. Enabled firewall white list:
**Component****Description**
https://app.apptimized.com/ Address for access to Apptimized Portal
https://rdp-gw.apptimized.com/ Address for working with RDP connections in Apptimized Portal
https://rdproxy.apptimized.com/ Address for working with DRP connections in Apptimized Portal via proxy
https://screenshots.api.apptimized.technology/Address for screenshots storage
https://auth.apptimized.com/Address for single sign-on
\*.swarm.apptimized.comAddress for Apptimized Portal virtualization service. Granting privileges on wildcards subdomains is needed. Granting permissions to connect via RDP protocol is needed
\*.chatlio.comAddress for access to support chat widget
3. Endpoint PC or VM with access to the 443 port of app.apptimized.com host; 4. Microsoft Windows Desktop (Windows 7 and above) or Server OS (Windows Server 2012 R2 and above) with installed .NET Framework 4.6.1; 5. Windows 7: Fallback via HTTPS - downloading files from Apptimized Portal to the temp folder on the C drive of the TO GO machine & mounting the folder as a Network drive; 6. Windows 10: SMB 3+ presence - mounting Apptimized Portal as Network drive; if SMB 3+ is not present, see Windows 7 scenario above. # SCCM User Guide # Push to SCCM as Application Push to SCCM as Application Deployment starts from the project portfolio. [![sccm_27.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/M7gjsM6O9hLl3hSp-sccm_27.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/M7gjsM6O9hLl3hSp-sccm_27.png)

The application should have a package file produced during the Packaging step (Factory or Self-Service). If the required file is missing, Apptimized shows the notification. [![sccm_15.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/5lwmLAFlfpRUVX4K-sccm_15.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/5lwmLAFlfpRUVX4K-sccm_15.png)

After locating the application in the list, the deployment process can be triggered by clicking the extended menu in the **Actions** column and selecting **Push to SCCM as Application**. [![PortfolioSCCM.png](https://docs.apptimized.com/uploads/images/gallery/2024-12/scaled-1680-/portfoliosccm.png)](https://docs.apptimized.com/uploads/images/gallery/2024-12/portfoliosccm.png) Apptimized shows the following screen when successful: [![sccm_31_01.png](https://docs.apptimized.com/uploads/images/gallery/2021-12/scaled-1680-/qIWzgEbwivBsPKpL-sccm_31_01.png)](https://docs.apptimized.com/uploads/images/gallery/2021-12/qIWzgEbwivBsPKpL-sccm_31_01.png) The option to continue the deploying process is available after selecting the **SCCM environment** and clicking the **Confirm** button. Apptimized shows the following screen when successful: [![Pushtosccm.png](https://docs.apptimized.com/uploads/images/gallery/2024-12/scaled-1680-/pushtosccm.png)](https://docs.apptimized.com/uploads/images/gallery/2024-12/pushtosccm.png) Before proceeding with application settings, ensure that the **SCCM Connector** is available and has a valid API key: - **SCCM Connector Status Monitor**: Located in the upper-right corner of the page, this monitor displays the connection status. - **SCCM Connection Status**: The status must show **Connected** to confirm that the connector is operational. - **Indicator Icons**: Check that both the **connector** and **key** icons are green, indicating a latest connector version installed and valid API key. This quick status check ensures that the SCCM Connector is fully functional, allowing seamless application management and deployment to SCCM. [![SCCMstatus.png](https://docs.apptimized.com/uploads/images/gallery/2024-12/scaled-1680-/sccmstatus.png)](https://docs.apptimized.com/uploads/images/gallery/2024-12/sccmstatus.png) The application inherits default SCCM project settings. . Brief field descriptions are available by hovering the info icon ([![info.png](https://docs.apptimized.com/uploads/images/gallery/2020-07/scaled-1680-/rn4N9zcLXMfUeVtu-info.png)](https://docs.apptimized.com/uploads/images/gallery/2020-07/rn4N9zcLXMfUeVtu-info.png)) An application is scheduled for deployment by clicking on the **Save** button. Apptimized shows the following notification when successful: [![image-1612435302794.png](https://docs.apptimized.com/uploads/images/gallery/2021-02/scaled-1680-/Hd33sHXtDvnKNoO3-image-1612435302794.png)](https://docs.apptimized.com/uploads/images/gallery/2021-02/Hd33sHXtDvnKNoO3-image-1612435302794.png) It takes a few minutes for SCCM objects to appear in the SCCM Admin Console. Details of the deployment process components are described in the sections below. ### Create the application in SCCM The creation of applications can be enabled by **Create Application** switch and editing appropriate settings if required. Brief field descriptions are available by hovering the info icon ([![info.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/wmeTsIn3XGJj4EpS-info.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/wmeTsIn3XGJj4EpS-info.png)) located near every field. [![createappinSCCM.png](https://docs.apptimized.com/uploads/images/gallery/2024-12/scaled-1680-/createappinsccm.png)](https://docs.apptimized.com/uploads/images/gallery/2024-12/createappinsccm.png) Table 4. Application settings
**Settings** **Details**
Vendor name The vendor name equals the vendor field of application in the project portfolio.
Application display name The application name equals the application field of application in the project portfolio.
Localized Application name The name of the application to be shown in SCCM console.
Application version The application version equals the application version of the application in the project portfolio.
Application owner Package creator name. The default value is the name of a current user.
Administrator Comments This term corresponds to the term **Administrator comments** in the SCCM admin console.
SCCM optional reference Optional reference to the SCCM environment.
Folder in the SCCM Console UI This setting indicates the folder for applications in SCCM Console UI. Applications can store in the main folder **Applications** (default) or any subfolders.
Auto-install in task sequence of SCCM Console This setting corresponds to the setting** Install or uninstall the application by default** in the **Connection and default configuration** step (see [Table 2](https://docs.apptimized.com/link/6#bkmrk-table-2.-advanced-se)).
Icon (.png, .jpg, .jpeg, .ico only)This setting allows to **Add**, **Change** or **Remove** the application icon for Software Center. Icons can have pixels dimensions of up to **512×512.**
### ### Create the deployment type in SCCM The creation of deployment type can be enabled by **Create Deployment Type** switch and editing appropriate settings if required. Brief field descriptions are available by hovering the info icon ([![info.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/wmeTsIn3XGJj4EpS-info.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/wmeTsIn3XGJj4EpS-info.png)) located near every field. [![sccm_27_01.png](https://docs.apptimized.com/uploads/images/gallery/2022-06/scaled-1680-/uYpXaycaD5Ckc998-sccm_27_01.png)](https://docs.apptimized.com/uploads/images/gallery/2022-06/uYpXaycaD5Ckc998-sccm_27_01.png) The list of created deployment type templates (see [**Integration** ](https://docs.apptimized.com/books/apptimized-platform-admin-manual/page/integration)> **Connection and default configuration** step) is available under the **Deployment types** block. All templates are disabled by default. A template becomes active when switched on. [![image 158.png](https://docs.apptimized.com/uploads/images/gallery/2024-12/scaled-1680-/image-158.png)](https://docs.apptimized.com/uploads/images/gallery/2024-12/image-158.png) [![image 159.png](https://docs.apptimized.com/uploads/images/gallery/2024-12/scaled-1680-/image-159.png)](https://docs.apptimized.com/uploads/images/gallery/2024-12/image-159.png) The option to expand deployment type template is available under the [![sccm_changes_09.PNG](https://docs.apptimized.com/uploads/images/gallery/2020-07/scaled-1680-/hwm7edbt064jgEFo-sccm_changes_09.PNG)](https://docs.apptimized.com/uploads/images/gallery/2020-07/hwm7edbt064jgEFo-sccm_changes_09.PNG) symbol. A user can change pre-configured template settings if needed. Template settings correspond to the SCCM integration settings. ### Create the deployment in SCCM Creation of deployment can be enabled by **Create Deployment** switch and editing appropriate settings if required. Brief field descriptions are available by hovering the info icon ([![info.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/wmeTsIn3XGJj4EpS-info.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/wmeTsIn3XGJj4EpS-info.png)) located near every field. [![sccm_29_01.png](https://docs.apptimized.com/uploads/images/gallery/2022-06/scaled-1680-/RtZZdYFnoCzoeftD-sccm_29_01.png)](https://docs.apptimized.com/uploads/images/gallery/2022-06/RtZZdYFnoCzoeftD-sccm_29_01.png) Table 5. Deployment settings
**Settings** **Details**
Name of default destribution group This setting corresponds to the setting **Name of a default distribution group** шn the **Connection and default configuration** step (see [Table 1](https://docs.apptimized.com/link/6#bkmrk-table-1.-basic-setti "Integration")).
Collection type This setting corresponds to the setting **Collection type** in the **Connection and default configuration** step (see [Table 1](https://docs.apptimized.com/link/6#bkmrk-table-1.-basic-setti "Integration")).
Collection name This setting corresponds to the setting **Collection name** in the **Connection and default configuration** step (see [Table 1](https://docs.apptimized.com/link/6#bkmrk-table-1.-basic-setti "Integration")).
Install or uninstall the application by default This setting corresponds to the setting **Install or uninstall the application by default** in the **Connection and default configuration** step (see [Table 2](https://docs.apptimized.com/link/6#bkmrk-table-2.-advanced-se "Integration")).
Deploy the purpose of the installation by default This setting corresponds to the setting **Deploy purpose of the installation by default** in the **Connection and default configuration** step (see [Table 2](https://docs.apptimized.com/link/6#bkmrk-table-2.-advanced-se "Integration")).
Deadline time This setting corresponds to the setting **Deadline time** in the **Connection and default configuration** step (see [Table 2](https://docs.apptimized.com/link/6#bkmrk-table-2.-advanced-se "Integration")).
Time zone of deadline This setting corresponds to the setting **Time zone of a deadline** in the **Connection and default configuration** step (see [Table 1](https://docs.apptimized.com/link/6#bkmrk-table-1.-basic-setti "Integration")).
Deadline date This setting sets the deadline date for the application installation. The default value is set to the current date.
# Push to SCCM as Package Deployment starts from the project portfolio. [![sccm_27.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/M7gjsM6O9hLl3hSp-sccm_27.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/M7gjsM6O9hLl3hSp-sccm_27.png)

The application should have a package file produced during the Packaging step (Factory or Self-Service). If the required file is missing, Apptimized shows the notification. [![sccm_15.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/5lwmLAFlfpRUVX4K-sccm_15.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/5lwmLAFlfpRUVX4K-sccm_15.png)

After locating the application in the list, the deployment process can be triggered by clicking the extended menu in the **Actions** column and selecting **Push to SCCM as Package**. [![sccm_21_01-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/jww7o9Ppy1i16fW9-sccm_21_01-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/jww7o9Ppy1i16fW9-sccm_21_01-(1).png) Apptimized shows the following screen when successful: [![sccm_31_01.png](https://docs.apptimized.com/uploads/images/gallery/2021-12/scaled-1680-/qIWzgEbwivBsPKpL-sccm_31_01.png)](https://docs.apptimized.com/uploads/images/gallery/2021-12/qIWzgEbwivBsPKpL-sccm_31_01.png) The option to continue the deploying process is available after selecting the **SCCM environment** and clicking the **Confirm** button. Apptimized shows the following screen when successful: [![sccm_22_03.png](https://docs.apptimized.com/uploads/images/gallery/2022-04/scaled-1680-/9QZubXwtfYZqtULK-sccm_22_03.png)](https://docs.apptimized.com/uploads/images/gallery/2022-04/9QZubXwtfYZqtULK-sccm_22_03.png) **The package name** option is the only option that requires manual verification and confirmation. The package inherits default SCCM project settings. . Brief field descriptions are available by hovering the info icon ([![info.png](https://docs.apptimized.com/uploads/images/gallery/2020-07/scaled-1680-/rn4N9zcLXMfUeVtu-info.png)](https://docs.apptimized.com/uploads/images/gallery/2020-07/rn4N9zcLXMfUeVtu-info.png))

**Note****.** Max length for a package name is 50 symbols.

The package is scheduled for deployment by clicking on the **Save** button. Apptimized shows the following notification when successful: [![sccm_26_01-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/PZ7Gcvp685CwvKa1-sccm_26_01-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/PZ7Gcvp685CwvKa1-sccm_26_01-(1).png) It takes a few minutes for SCCM objects to appear in the SCCM Admin Console. Details of the deployment process components are described in the sections below. ##### Create the package in SCCM The creation of applications can be enabled by **Create Application** switch and editing appropriate settings if required. Brief field descriptions are available by hovering the info icon ([![info.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/wmeTsIn3XGJj4EpS-info.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/wmeTsIn3XGJj4EpS-info.png)) located near every field. [![sccm_23_03.png](https://docs.apptimized.com/uploads/images/gallery/2022-04/scaled-1680-/FENT5vxfRRTNQr3B-sccm_23_03.png)](https://docs.apptimized.com/uploads/images/gallery/2022-04/FENT5vxfRRTNQr3B-sccm_23_03.png)
**Settings** **Details**
Manufacturer This setting equals the vendor field of application in the [project portfolio](https://docs.apptimized.com/link/246#bkmrk-table-1.-information).
Version This setting equals the version field of the application in the [project portfolio](https://docs.apptimized.com/link/246#bkmrk-table-1.-information).
Language This setting equals the language field of application in the [project portfolio](https://docs.apptimized.com/link/246#bkmrk-table-1.-information).
Сomment This setting enables setting the optional description for the package.
Source file This setting enables the selection of the package that will be deployed under SCCM.
Where unzip package source This setting corresponds to **Where unzip package source setting** under **Project Settings** > **Integration** > **SCCM** > **Package template**. (see [Table 4](https://docs.apptimized.com/link/6#bkmrk-table%C2%A04.%C2%A0package%C2%A0tem))
Use package name for the folder name This setting corresponds to **Use package name for the folder name** setting under **Project Settings** > **Integration** > **SCCM** > **Package template**. (see [Table 4](https://docs.apptimized.com/link/6#bkmrk-table%C2%A04.%C2%A0package%C2%A0tem))
Source path This setting corresponds to **Source path** setting under **Project Settings** > **Integration** > **SCCM** > **Package template**. (see [Table 4](https://docs.apptimized.com/link/6#bkmrk-table%C2%A04.%C2%A0package%C2%A0tem))
Folder for package in Sccm Console This setting corresponds to **Folder for package in Sccm Console** setting under **Project Settings** > **Integration** > **SCCM** > **Package template**. (see [Table 4](https://docs.apptimized.com/link/6#bkmrk-table%C2%A04.%C2%A0package%C2%A0tem))
Windows user name for folder path in SCCM Console This setting indicates the user name of user under Windows OS for folder path in SCCM Console.
Remove default User account This setting corresponds to **Remove default User account** setting under **Project Settings** > **Integration** > **SCCM** > **Package template**. (see [Table 4](https://docs.apptimized.com/link/6#bkmrk-table%C2%A04.%C2%A0package%C2%A0tem))
Add account access This setting corresponds to **Add account access** setting under **Project Settings** > **Integration** > **SCCM** > **Package template**. (see [Table 4](https://docs.apptimized.com/link/6#bkmrk-table%C2%A04.%C2%A0package%C2%A0tem))
Group name This setting corresponds to **Group name** setting under **Project Settings** > **Integration** > **SCCM** > **Package template**. (see [Table 4](https://docs.apptimized.com/link/6#bkmrk-table%C2%A04.%C2%A0package%C2%A0tem))
Permission access level This setting corresponds to **Permission access level** setting under **Project Settings** > **Integration** > **SCCM** > **Package template**. (see [Table 4](https://docs.apptimized.com/link/6#bkmrk-table%C2%A04.%C2%A0package%C2%A0tem))
Set security scope This setting corresponds to **Set security scope** setting under **Project Settings** > **Integration** > **SCCM** > **Package template**. (see [Table 4](https://docs.apptimized.com/link/6#bkmrk-table%C2%A04.%C2%A0package%C2%A0tem))
Security scope This setting corresponds to **Security scope** setting under **Project Settings** > **Integration** > **SCCM** > **Package template**. (see [Table 4](https://docs.apptimized.com/link/6#bkmrk-table%C2%A04.%C2%A0package%C2%A0tem))
##### Create Program(s) in SCCM The creation of applications can be enabled by **Create Program(s)** switch > enabling switches of all created programs under the Project settings (link) and editing appropriate settings if required. Brief field descriptions are available by hovering the info icon () located near every field. [![sccm_24_04.png](https://docs.apptimized.com/uploads/images/gallery/2022-04/scaled-1680-/37vPdrBt4SbwmTTn-sccm_24_04.png)](https://docs.apptimized.com/uploads/images/gallery/2022-04/37vPdrBt4SbwmTTn-sccm_24_04.png) The settings description is available under **Project Settings** > **Integration** > **SCCM** > **Package template** > **Create program** button (see [Table 5](https://docs.apptimized.com/link/6#bkmrk-table-5.-program-tem)). ##### Create Deployment(s) in SCCM The creation of applications can be enabled by **Create Program(s)** switch > setting the distribution group name > enabling switches of all created deployments under the Project settings (link) and editing appropriate settings if required. Brief field descriptions are available by hovering the info icon () located near every field. [![sccm_25_03.png](https://docs.apptimized.com/uploads/images/gallery/2021-12/scaled-1680-/I3MMmDdvgIB5qMxy-sccm_25_03.png)](https://docs.apptimized.com/uploads/images/gallery/2021-12/I3MMmDdvgIB5qMxy-sccm_25_03.png) The settings description is available under **Project Settings** > **Integration** > **SCCM** > **Package template** > **Create deployment** button (see [Table 6](https://docs.apptimized.com/link/6#bkmrk-table-6.-package-dep)). # Import from SCCM SCCM application import starts from the **Import** submenu of the workflow item in the menu of a project. [![sccm_36.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/xD0ivu6Fc5gwcvAn-sccm_36.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/xD0ivu6Fc5gwcvAn-sccm_36.png) The option to start the import is called **“SCCM Import.”** [![sccm_39.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/V8C1sPOKmLy2OraY-sccm_39.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/V8C1sPOKmLy2OraY-sccm_39.png) The initial preparation process may take a while. In case of a connection failure, Apptimized shows the following message: [![sccm_40.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/BFcYzLgKtvbDwrAd-sccm_40.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/BFcYzLgKtvbDwrAd-sccm_40.png) Single import session imports a single folder. For example, one of the following folders import in the scope of import session: root folder **Application** or folder **Test 1** or folder **bis\_628**.

The checkbox **All applications** always relates to the current folder. The screen below shows the import of contained in the root **Applications** folder.

Applications can be excluded from import by unticking checkboxes in front of their names. [![sccm_module_03.png](https://docs.apptimized.com/uploads/images/gallery/2020-04/scaled-1680-/zYxPLIhV3Rp2T9pf-sccm_module_03.png)](https://docs.apptimized.com/uploads/images/gallery/2020-04/zYxPLIhV3Rp2T9pf-sccm_module_03.png)

The icon below means that this application already exists in the project portfolio but can be imported for a second time. As a result, this created duplicates in the project portfolio. [![sccm_module_04.png](https://docs.apptimized.com/uploads/images/gallery/2020-04/scaled-1680-/Jyi0LGvtlEZsCLcQ-sccm_module_04.png)](https://docs.apptimized.com/uploads/images/gallery/2020-04/Jyi0LGvtlEZsCLcQ-sccm_module_04.png)

The import process starts by clicking on the **Next** button. It takes up to **30 minutes** and will depend on the number of applications and their size. “Set metadata” shows import candidates' meta information and provides the ability to update it to desired values. All required fields have \* in front of their label. [![sccm_module_05.png](https://docs.apptimized.com/uploads/images/gallery/2020-04/scaled-1680-/Lyp1yNdT7Sc9HTFd-sccm_module_05.png)](https://docs.apptimized.com/uploads/images/gallery/2020-04/Lyp1yNdT7Sc9HTFd-sccm_module_05.png) Exclude applications from the import by unticking the checkbox. [![sccm_44_2.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/Ty7FwEwZjuy2SN4h-sccm_44_2.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/Ty7FwEwZjuy2SN4h-sccm_44_2.png) The process reverts to the initial screen by clicking on the **Back** button and finalizes by clicking on the **Finish** button. Apptimized shows the following notification when successful: [![sccm_47_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/rObzWVuuipTlcfx9-sccm_47_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/rObzWVuuipTlcfx9-sccm_47_1.png) Imported applications immediately appear in the project portfolio. # SCCM Administration Guide # Integration SCCM Connector empowers Apptimized customers to: - import software estate from SCCM server to Apptimized project portfolio; - create an application in SCCM Console; - add the deployment type to application with automatic media transfer; - start the deployment of an application. SCCM Connector Integration saves time and provides instant deployment of SCCM packages without the need to leave Apptimized. ### Requirements and limitations The following prerequisites apply for SCCM connector: - endpoint PC or VM with access to the 443 port of app.apptimized.com host; - endpoint membership in Active Directory domain; - Microsoft Windows Desktop (Windows 7 and above) or Server OS (Windows Server 2012 R2 and above) with installed .NET Framework 4.6.1; - write permissions for network share with packages source media for automatic media transfer; - administrator role for SCCM or permissions to create applications, deployment types, and deployments; - installed SCCM Administrator Console with a connection to the SCCM server. ### Integration configuration with Apptimized Initial integration to Apptimized requires a one-time configuration of SCCM Connector settings. It is required to establish a connection to the remote SCCM Environment. It is possible to override preconfigured settings during the creation of an object in SCCM if needed, so they take precedence over the template of settings defined during the initial setup. ### Connection and default configuration ##### SCCM Environment Apptimized enables a user to set up SCCM environments to perform with SCCM connector deployment integration. Each SCCM Environment is configured separately and can be used for any purpose. The option to create SCCM environment is available for project administrators under **Settings** in the project menu > **Integratio**n section > **SCCM** > New SCCM Environment [![SCCM_24_01-2.png](https://docs.apptimized.com/uploads/images/gallery/2021-12/scaled-1680-/dgumBva6jAdJeXWz-SCCM_24_01-2.png)](https://docs.apptimized.com/uploads/images/gallery/2021-12/dgumBva6jAdJeXWz-SCCM_24_01-2.png) Apptimized shows the following screen when successful: [![sccm_25_03.png](https://docs.apptimized.com/uploads/images/gallery/2021-12/scaled-1680-/sAlTB1mia6aGUWMT-sccm_25_03.png)](https://docs.apptimized.com/uploads/images/gallery/2021-12/sAlTB1mia6aGUWMT-sccm_25_03.png) THe option to set the name of SCCM Environment is available under **SCCM Environment name** field. The option to finish the creation process is available after setting the **SCCM Environment** name > **Create** button. Apptimized shows the created environment when successful: [![sccm_26_01.png](https://docs.apptimized.com/uploads/images/gallery/2021-12/scaled-1680-/VgaWvFRzkrFT0Zec-sccm_26_01.png)](https://docs.apptimized.com/uploads/images/gallery/2021-12/VgaWvFRzkrFT0Zec-sccm_26_01.png) ##### General settings The one-time configuration is available for project administrators under **Settings** in the project menu > **Integration** section > **SCCM** > **General**. [![sccm_11_03.png](https://docs.apptimized.com/uploads/images/gallery/2021-12/scaled-1680-/PMQVtYvFOKHNj8Iv-sccm_11_03.png)](https://docs.apptimized.com/uploads/images/gallery/2021-12/PMQVtYvFOKHNj8Iv-sccm_11_03.png) SCCM Connector becomes active when switched on and once the settings are completed. [![SCCMSettingsTemplate.png](https://docs.apptimized.com/uploads/images/gallery/2024-03/scaled-1680-/sccmsettingstemplate.png)](https://docs.apptimized.com/uploads/images/gallery/2024-03/sccmsettingstemplate.png) Table 1. General settings
**Settings** **Details**
Environment nameThe Environment name is the name of SCCM environment the SCCM connector operates in.
Remote IDThe remote ID is a unique identifier generated automatically for every project during its creation. Remote ID provides customer identification. The Remote ID is used during SCCM connector installation on customer's environment.
Site codeSite codes and site names identify sites in a Configuration Manager hierarchy. Configuration Manager Setup prompts for a site code and site name for the central administration site, and each primary site and secondary site installation. [Learn more.](https://docs.microsoft.com/en-us/configmgr/core/servers/deploy/install/prepare-to-install-sites)
DML LocationSecondary deployment target which packaged files will be copied to during the SCCM push in addition to the deployment type content library.
Name of the default distribution groupIndicates the default group of users or devices where to Install applications. This setting corresponds to the term "**Distribution point group**" in the SCCM admin console.
Collection typeIndicates the type of collection where apps should be installed. The following types are: - Device - User
Collection nameIndicates the collection of devices where to install applications. This setting corresponds to the term "**Collection name**" in the SCCM admin console.
Folder for application in SCCM ConsoleThis field is optional and can stay blank. If provided, overrides the default “**Application**” folder in SCCM Administrator Console as a target path for created application records.

Example: **Testfolder1\\testFolder2** or **Testfolder1\\testfolder2\\testfolder3**.

Install or uninstall the application This setting indicates whether a task sequence action in SCCM Console can install the application. **Yes** or **No** options are available.
Deploy the purpose of the installation This option specifies whether the application deployment can is mandatory or optional. **Available** or **Required** options are available.
Application display nameThe name of the application to be shown in SCCM Console.
Localized application nameSpecifies the application name for the English(US) default language.
Administrator comments This optional field indicates the optional content with the dynamic variables can be filled by the user.
If the endpoint connects to the internet via the proxy server, configure the connection by turning on **Enable proxy** and selecting **Use default windows credentials** or providing credentials in **Username** and **Password fields**. [![sccm_06_02.png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/NoOdXcV7JwJo6jTW-sccm_06_02.png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/NoOdXcV7JwJo6jTW-sccm_06_02.png) The option to use a proxy server whiсh is configured o VM where SCCM connector will be running is available under **Use default Windows proxy server** switch. [![sccm_06_03.png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/EoSN2qvpQliEtq70-sccm_06_03.png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/EoSN2qvpQliEtq70-sccm_06_03.png)

Note. If **Use default Windows proxy server** switched to **Yes**, the **Proxy address** field disappears.

The option to set a **Proxy address** is available under the **Proxy address** field. [![sccm_06_04.png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/IBjyUv2bDjZ01rw5-sccm_06_04.png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/IBjyUv2bDjZ01rw5-sccm_06_04.png) ##### Deployment types templates settings This setting enables a user to implement multiple deployment types by creating multiple deployment templates within one project. The option to enable SCCM deployment templates becomes active when all required fields in the SCCM general tab are filled in. [![sccm_03_01.png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/fRU6q5aEMllwCKLk-sccm_03_01.png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/fRU6q5aEMllwCKLk-sccm_03_01.png) The deployment types sections is displayed in 2 blocks: - Information block – this block contains detailed information about the Deployment templates; - Actions block – this block provides the options to operate with the deployment templates. [![sccm_05_01.png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/8XLAffjECI2IyzVe-sccm_05_01.png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/8XLAffjECI2IyzVe-sccm_05_01.png) Deployment type templates data is grouped into the following categories:
**Сategory ** **Description **
Template name The field indicates the template name to help a user to identify templates in Apptimized portal.
Name This field indicates the name of a deployment type.
Technology title This field indicates the type of template installation.
Source folder This field indicates the path to the location of the package source.
Path to executable This field indicates the path to the location of the package source executable file.
[![sccm_06_01.png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/8KVk2f4tdngNbZg9-sccm_06_01.png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/8KVk2f4tdngNbZg9-sccm_06_01.png) Users actions are grouped into the following categories: - Edit - enables a user to enter edit Deployment type template; - Delete - allows a user to delete the Deployment type template. [![sccm_07_01.png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/Odr4obu21F3iD28f-sccm_07_01.png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/Odr4obu21F3iD28f-sccm_07_01.png) The option to Create new deployment type is available under **Create Deployment type **button [![sccm_04_01.png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/1GIHfICvhbO4PvHk-sccm_04_01.png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/1GIHfICvhbO4PvHk-sccm_04_01.png) Apptimized shows the following screen when successful: [![Deployment type.png](https://docs.apptimized.com/uploads/images/gallery/2024-03/scaled-1680-/deployment-type.png)](https://docs.apptimized.com/uploads/images/gallery/2024-03/deployment-type.png) The set of SCCM deployment template settings depends on the chosen installer type. Table 3. Deployment types template settings
**Settings** **Description** **Availability of settings depending on the Installer type**
MSIScript Installer AppV
Microsoft Application Virtualization 4 Microsoft Application Virtualization 5
Deployment type template name The field indicates the template name to help a user to identify templates in Apptimized portal. The default value is **Deployment type template name \[number\]**. This field is required. ++++
Deployment type nameThis field indicates the name of a deployment type. It is implemented during SCCM application deployment process and is sent to SCCM server. A user can set the **Deployment type name** manually or use the following dynamic variables: [![sccm_changes_03.PNG](https://docs.apptimized.com/uploads/images/gallery/2020-07/scaled-1680-/HaMcsDfHOvB1BG7s-sccm_changes_03.PNG)](https://docs.apptimized.com/uploads/images/gallery/2020-07/HaMcsDfHOvB1BG7s-sccm_changes_03.PNG) This field is required. ++++
Path to the sourceThis field indicates the path to the location of the package source. SCCM deployment template automatically generated this field. This field is required. ++++
Path to the executableThis field indicates the path to the location of the package source executable file. A user can set the **Path to the executable** manually or use the following dynamic variables: [![image-1612449200206.png](https://docs.apptimized.com/uploads/images/gallery/2021-02/scaled-1680-/e1EgqwCesELYfLQ1-image-1612449200206.png)](https://docs.apptimized.com/uploads/images/gallery/2021-02/e1EgqwCesELYfLQ1-image-1612449200206.png) This field is required. ++++
Copy source to file shareThis option allows to copy to the folder, the location of which was defined in field **Place for storing sources** in the **General** SCCM settings tab. ++++
Installer typeThis setting indicates the type of installer to use. The following installer types are available: - [MSI (Microsoft Installer)](https://docs.microsoft.com/en-us/windows/win32/msi/about-windows-installer); - [Script Installer](https://docs.microsoft.com/en-us/powershell/module/configurationmanager/add-cmdeploymenttype?view=sccm-ps#-scriptinstaller); - [AppV (Microsoft Application Virtualization 4)](https://docs.microsoft.com/en-us/microsoft-desktop-optimization-pack/appv-v4/); - [AppV (Microsoft Application Virtualization 5)](https://docs.microsoft.com/en-us/microsoft-desktop-optimization-pack/appv-v5/). The default value is **Script Installer**.++++
Script type for the detection methodThis setting indicates the type of script content of the [detection method](https://docs.microsoft.com/en-us/configmgr/apps/deploy-use/create-applications#bkmk_dt-detect). The following script types for detection method are available: - [Powershell](https://docs.microsoft.com/en-us/powershell/scripting/overview?view=powershell-7); - [VB Script](https://docs.microsoft.com/en-us/previous-versions/sx7b3k7y%28v%3dvs.85%29); - [JScript](https://docs.microsoft.com/en-us/previous-versions/hbxc2t98(v=vs.85)). The default value is **Powershell**. +
Detection script content template This field specifies the script template of the detection method. It is possible to provide a custom template with mandatory variables in square brackets, indicating them in any order and quantity. The Connector replaces these variables with specific values during the deployment to SCCM. The default value is **Get-ItemProperty "HKLM:Software\\\[PackageName\]\\** **\[Manufacturer\]\\\[ApplicationName\]\\\[ApplicationVersion\]" -ErrorAction SilentlyContinue | Where { $\_.IsInstalled -eq 1 }** +
Persist content in the client cache This setting indicates the necessity to upload the application or package source to the client's machine or device cache. **Yes** or **No** options are available. The default value is **No**. +
Installation command with parametersThis setting indicates the command to run during the package installation. The default value for the Script Installer is **Deploy-Application.exe -DeploymentType Install** The default value for the MSI Package is **msiexec /i "\\\\atd-dist01\\Public\\CM\\DTeam\\FeatureData\\OSD\\Tbreck\\Setup1.msi" or msiexec /i "\\\\atd-dist01\\Public\\CM\\DTeam\\FeatureData\\OSD\\Tbreck\\Setup1.msi" /qn**++
Uninstallation command with parameters This setting indicates the command to run during the package uninstallation. The default value is **Deploy-Application.exe -DeploymentType Uninstall** +
Installation context This option defines the context of the package installation. The following installation contexts are available: - install for the system; - install for a user; - install for the system if a resource is a device otherwise install for the user. The default value is **Install for the system**. This option corresponds to the term **Installation behaviour** in the SCCM admin console. +
Should the user be logged on or not This option defines the required user state when the installation starts. The following options are available: - only when no users are in the system; - only when a user logs in; - whether or not users are active in the system. The default value is **Whether or not users are active in the system**. This option corresponds to the term **Logon requirement** in the SCCM admin console. +
Installation visibility for the userThis option defines the installation process visibility. The following options are available: - normal; - minimized; - maximized; - hidden. The default value is **Normal**. This option corresponds to the term **Installation program visibility** in the SCCM admin console. +
Requires user interactionThis setting indicates if the user can be involved in the installation or uninstallation process. **Yes** or **No** options are available. The default value is **No**. +
Identify deployment type information from a package fileThis setting indicates the option of a manual (**Yes**) or automatic (**No**) deployment type information identification. The default value is **No**.+ ++
The file where to get informationThis field indicates the file with the deployment type information. The following options are available: - MSI file for MsiInstaller; - XML manifest for AppvInstaller; - AppV file for App5xInstaller. An installation type defines default value.+ ++
What to do on a slow networkThis option specifies actions with package sources in case of a slow network. Following options are available: - do nothing; - download; - download content for streaming. The default value is **Download**.++++
Maximum installation time (minutes)This option indicates the maximum duration per installation in minutes. The default value is **120**.++++
Estimated installation time by default (minutes)This option indicates the estimated duration per installation in minutes. The default value is 0.++++
Run installation program as a 32-bit process on 64-bit clientThis setting forces the installer to launch as a 32-bit process on the 64-bit client. **Yes** or **No** options are available. The default value is **No**.++
Administrator comments This optional field corresponds to the term **Administrator comments** in the SCCM admin console. ++++
The screenshot below shows the default values of the Deployment type template settings: [![sccm_09_02.png](https://docs.apptimized.com/uploads/images/gallery/2022-04/scaled-1680-/jviYRJ0fxiSTK5S9-sccm_09_02.png)](https://docs.apptimized.com/uploads/images/gallery/2022-04/jviYRJ0fxiSTK5S9-sccm_09_02.png) Settings are persisted on click to **Save** button. Apptimized shows the following notification when successful: [![sccm_changes_07.png](https://docs.apptimized.com/uploads/images/gallery/2020-07/scaled-1680-/bTAjeZIC7D1cHfn9-sccm_changes_07.png)](https://docs.apptimized.com/uploads/images/gallery/2020-07/bTAjeZIC7D1cHfn9-sccm_changes_07.png) ### Package template The option to configure SCCM package template is available under **Project settings** > **Integration > **choose **SCCM Environment** > **Package template****.** [![sccm_11_03.png](https://docs.apptimized.com/uploads/images/gallery/2021-12/scaled-1680-/mIP9LJnNeczw0FOE-sccm_11_03.png)](https://docs.apptimized.com/uploads/images/gallery/2021-12/mIP9LJnNeczw0FOE-sccm_11_03.png) Apptimized shows the following screen when successful: [![PackageTemplateSCCM.png](https://docs.apptimized.com/uploads/images/gallery/2024-03/scaled-1680-/packagetemplatesccm.png)](https://docs.apptimized.com/uploads/images/gallery/2024-03/packagetemplatesccm.png) Table 4. Package template settings
Setting Description
Package name This setting enables a user to set up the name for package template. This setting is **required**. The default value is: **\[Manufacturer\]\_\[ProductName\]\_\[ProductVersion\]\_\[AppLanguage\].**
Comment This setting enables a user to set an optional descriptions for the package template.
Where unzip package source This setting enables a user to set up patch for unzipped package source files will be placed on. This section is **required**.

**Note. **In most cases, this field will be the same as **Source path **field value.

Use package name for the folder name This setting enables a user to use package name as package folder name. The default value is **No**.
Source path This setting enables a user to set up folder where the source is placed in zip file. The zip file name is ignored under clarifying the source path. This setting is **required**. The default value is **\[Manufacturer\]\_\[ProductName\]\_\[ProductVersion\]\_\[AppLanguage\]**

**Note.** This path is relative to **Where unzip package source **field value.

Folder for package in SCCM Console This setting enables a user to set up folder for package in SCCM Console. Example: - Dummy\\Folder; - Dummy.

**Note.** The package will be created under the root if the value is empty.

Remove default User account This setting enables a user to Remove user from Manage Access Account window, which is added to package by default. The default value is **Yes**.
Add account access This setting enables a user to fill **Group name **and **Permission access level** fields. The default value is **Yes**.
User name This setting enables a user to fill name of the user that will be addedd to Manage Accont Acces window of SCCM servier. The fill within form is **\[domain\]\\\[userName\]**. This setting is **required**.
Permission access level This setting enables to set up permission access level for the specified user. The following levels available: - Read; - Change; - Full control; - No access. The default value is **Read**.
Set security scope This setting enables to set up **Security scope **field to be specified.
Security scope This setting enables a user to set up Security scope name that will be set to most (or all) packages. This setting is **required**. The default value is **Factory DPs**.
##### Programs for packages The created programs for SCCM packages are stored under **Programs for packages** section. [![sccm_12_01-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/dDCA7v3dbjwlFxj5-sccm_12_01-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/dDCA7v3dbjwlFxj5-sccm_12_01-(1).png) The option to create program is available under **Create program** button. [![sccm_27_01-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/KXDMrK9YqMDrCBNp-sccm_27_01-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/KXDMrK9YqMDrCBNp-sccm_27_01-(1).png) Apptimized shows the following screen when successful: [![sccm_13_01-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/SKJ6wgjGqzCMADX6-sccm_13_01-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/SKJ6wgjGqzCMADX6-sccm_13_01-(1).png) Table 5. Program template settings
**Setting****Description**
Program nameThis setting enables a user to set up the name of the program template. This setting is **required**. The default value is **Install.**
Command lineThis setting enables a user to set up the command line of the program template. The default value is **install.cmd**
Start folder This setting enables a user to set up he name of startup folder of the program template.
User interaction This setting enables to set up interaction lever of user with package. The following levels available: - Hidden; - Minimized; - Normal; - Maximized. The default value is **Hidden**.
Program can run This setting enables a user to define run context of package. The following contexts available: - Whether or not user is logged on; - Only when user is logged on; - Only when no user is logged on. The default value is **Whether or not user is logged on**.
Run mode This setting enables a user to define permission level of package context run. This setting is available to change only if **Only when user is logged on **setting is set under **Program can run **setting. The following permission levels available: - Run with Administrative rights; - Run with user rights; The default value is **Run with Administrative rights**.
Allow users to view and interact with the program installation This setting enables to allow users to view and interact with the program insallation. The default value is **No**.
Drive mode This setting enables to define drive mode of the package installation / uninstallation. The following modes available: - Runs with UNC name; - Required drive letter - Requires specific drive letter (example: Z:). The default value is **Runs with UNC name**.
Allow this program to be installed from task sequence This setting enables to allow the program to be installaed from the Install Package task sequecne without being deployed. The default value is **No**.
Select platfroms This setting enables to select OS platforms where package can run. The following platforms available: - All Windows 10 (64-bit); - All Windows 7 (64-bit); - All Windows 8.1 (64-bit); - All Windows Server 2008 R2 (64-bit); - All Windows Server 2012 R2 (64-bit); - All Windows Server 2016 (64-bit); - All Windows 7 (32-bit).

**Note**. Empty field value is allowing any platform.

Estimated disk space This setting enables to estimate disk space for packages if required. The value if unknown is 0 or empty. The default value is 0.
Select unit of a disk sace size This setting enables to define unit f the disk space if the estimated disk space is set. The following units available: - KB; - MB; - GB. The default value is **MB**.
Maximum allowed run time (minutes) This setting enables a user to set up maximum allowed run time in minutes. The default value is **120**.
Administrative comment This optional field corresponds to the term **Administrator comments** in the SCCM admin console.
The option to save settings is available under **Save **button. Apptimized shows the following notification when successful: [![sccm_14_01-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/Ou02sx0vUfhF3kDN-sccm_14_01-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/Ou02sx0vUfhF3kDN-sccm_14_01-(1).png) [![sccm_15_01-(2).png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/4jjUWbtWtVeNnmvq-sccm_15_01-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/4jjUWbtWtVeNnmvq-sccm_15_01-(2).png) ##### Deployment for packages Created deployments for packages are stored under** ****Deployments ****for packages** section. [![sccm_16_01-(2).png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/SeF5URI5ffzRo8Hf-sccm_16_01-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/SeF5URI5ffzRo8Hf-sccm_16_01-(2).png) The option to create deployment is available under **Create deployment** button. [![sccm_28_01-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/68LXHoZzdhjvZHUe-sccm_28_01-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/68LXHoZzdhjvZHUe-sccm_28_01-(1).png) Apptimized shows the following screen when successful: [![sccm_17_01.png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/aNdGHhxomvpHM82d-sccm_17_01.png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/aNdGHhxomvpHM82d-sccm_17_01.png) Table 6. Package deployment template settings
**Setting** **Description**
Program name This setting enables to set up program name to which deployment belongs to. This field is **required**. The default value is **Install**.
Collection type This setting enables to indicate the collection type that will be loaded from the user SCCM server. This setting is **required**. The following types are available: - Device; - User. The default value is **Device**.
Limiting collection for the deployment This setting enables settng limiting collection for the collection deployment.
Collection folder in SCCM Console This setting enables setting up a collection path under the SCCM console.
Action This setting enables set the action during deployment. The available action is **Install**. The value can not be changed.
Purpose This setting enables the definition of the requirement of the installation/uninstallation process. The following values are available: - Available; - Required. The default value is **Available**.
Send wake-up packets This setting enables to define sending [wake-up packets](https://docs.microsoft.com/en-us/mem/configmgr/core/clients/deploy/plan/plan-wake-up-clients) before deployment under SCCM. The default value is **No**. Note. This setting is available only if **Required **purpose is set.
Allow clients on a metered internet connection to download content after the installation deadline, which right incurs additional costs This setting enables to allow clients on a metered internet connection to download content after the installation deadline, which right incurs additional costs. The default value is **No**. Note. This setting is available only if **Required **purpose is set.
Rerun behavior This setting enables to specify rerunning deployment behavior on a client. The following values are available: - Always rerun program; - Never rerun deployed program; - Rerun if failed previous attempt; - Rerun if succeeded on the previous attempt. The default value is **Always rerun program**. Note. This setting is available only if **Required **purpose is set.
Recur every The setting enables to specify a recurring interval. The default value is **1**. **Note**. This setting is available only if **Required **purpose is set.
Recurrence interval type This setting enables selection of recurrence interval types for the schedule. The following options are available: - Days; - Hours; - Minutes. The default value is **Days**. **Note**. This setting is available only if **Required **purpose is set.
Schedule This setting enables to schedule date and time for the deployment. **Note. **Time must be UTC. The time will be converted to the timezone of the User’s SCCM Server. This setting is** **available only if** Required **purpose is set.
Allow users to run the program independently of assignments This setting enables users to run the program from Software Center. The default value is **Yes**. The value can not be changed.
Software installation This setting enables a user to allow installation of the deployed software outside of maintenance windows. The default value is **No**.
System restart (if required to complete the installation) This setting enables to set up system restarting outside a maintenance window. The default value is **No**.
Commit changes at deadline or during a maintenance window (requires restarts) This setting enables to setting up write filters for embedded devices. The default value is **Yes**. **Note**. If this setting is not enabled, the content will be applied on the overlay and committed later.
Select the deployment option to use when a client uses a distribution point from a current boundary group This setting enables to specify client behavior on a fast network. The following options are available to select: - Download content from distribution point and run locally; - Run program from the distribution point. The default value is **Download content from distribution point and run locally**.
Select the deployment option to use when a client uses a distribution point from a neighbor boundary group or the default site boundary group This setting enables to specify client behavior on a slow network. The following options are available to select: - Download content from distribution point and run locally; - Do not run program; The default value is **Download content from distribution point and run locally**.
Allow clients to use distribution points from the default site boundary group This setting enables allow clients to use shared content. The default value is **No**.
The option to save deployments for packages settings is available under **Save **button. Apptimized shows the following notification when successful: [![sccm_18_01-(3).png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/JWn2VRCss96D58Rr-sccm_18_01-(3).png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/JWn2VRCss96D58Rr-sccm_18_01-(3).png) The option to save package templates settings is available under **Save** button. [![sccm_10_2.png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/GbtxVDr8dkgx6JQE-sccm_10_2.png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/GbtxVDr8dkgx6JQE-sccm_10_2.png) Apptimized shows the following notification when successful: [![sccm_19_01-(3).png](https://docs.apptimized.com/uploads/images/gallery/2021-11/scaled-1680-/qhiWskqOkBQ0ze9o-sccm_19_01-(3).png)](https://docs.apptimized.com/uploads/images/gallery/2021-11/qhiWskqOkBQ0ze9o-sccm_19_01-(3).png) ### Apptimized SCCM Connector Installer The integration procedure of the Apptimized SCCM Connector and SCCM environment ends up with the installation of SCCM Connector Agent to the endpoint PC. Apptimized **SCCM Connector Installer** can be downloaded once the **required settings** are completed. [![Group 4.png](https://docs.apptimized.com/uploads/images/gallery/2024-03/scaled-1680-/group-4.png)](https://docs.apptimized.com/uploads/images/gallery/2024-03/group-4.png) **SCCM API Key** also must be generated. [![Group 6.png](https://docs.apptimized.com/uploads/images/gallery/2024-03/scaled-1680-/group-6.png)](https://docs.apptimized.com/uploads/images/gallery/2024-03/group-6.png) After downloading **Apptimized SCCM** **Connector Installer**, a user has to run an **Install CMD.**** ** **[![DownloadingInstaller.png](https://docs.apptimized.com/uploads/images/gallery/2024-03/scaled-1680-/downloadinginstaller.png)](https://docs.apptimized.com/uploads/images/gallery/2024-03/downloadinginstaller.png)** A service with **entered credentials** is created when finished successfully: [![Group 27.png](https://docs.apptimized.com/uploads/images/gallery/2024-02/scaled-1680-/group-27.png)](https://docs.apptimized.com/uploads/images/gallery/2024-02/group-27.png) Creating a **new user** is available under **Server Manager** > **Dashdoard** > **Tools** > **Active Directory Users and Computers** > **New** > **User**. [![Anewuser.png](https://docs.apptimized.com/uploads/images/gallery/2024-03/scaled-1680-/anewuser.png)](https://docs.apptimized.com/uploads/images/gallery/2024-03/anewuser.png) The following fields must be filled with **proper information**. [![Fields.png](https://docs.apptimized.com/uploads/images/gallery/2024-03/scaled-1680-/fields.png)](https://docs.apptimized.com/uploads/images/gallery/2024-03/fields.png) Adding a user to a group is available under “**Add to a group**”. [![addingtogroup.png](https://docs.apptimized.com/uploads/images/gallery/2024-03/scaled-1680-/addingtogroup.png)](https://docs.apptimized.com/uploads/images/gallery/2024-03/addingtogroup.png) After the previous steps a user must go to **Server Manager** > **Dashdoard** > **Tools** > **Local Security** > **Log on as a service and run the service.**** ** **[![Logonasservice.png](https://docs.apptimized.com/uploads/images/gallery/2024-03/scaled-1680-/logonasservice.png)](https://docs.apptimized.com/uploads/images/gallery/2024-03/logonasservice.png)** **[![Runasadiffuser.png](https://docs.apptimized.com/uploads/images/gallery/2024-03/scaled-1680-/runasadiffuser.png)](https://docs.apptimized.com/uploads/images/gallery/2024-03/runasadiffuser.png)** Before installing and pushing an application to SCCM, a user must have **certain permissions.**** ** **A Security role (Application Administrator****)** or **Configuration Manager**. [![SCCMm1.png](https://docs.apptimized.com/uploads/images/gallery/2024-02/scaled-1680-/sccmm1.png)](https://docs.apptimized.com/uploads/images/gallery/2024-02/sccmm1.png) The account also must have the **Windows Server Distributed Component Object Model (DCOM) Remote Activation permission** for the computer running the **Configuration Manager** site server and the **SMS provider**. [![SCCMm2.png](https://docs.apptimized.com/uploads/images/gallery/2024-02/scaled-1680-/sccmm2.png)](https://docs.apptimized.com/uploads/images/gallery/2024-02/sccmm2.png) The user must be added to a policy called **"Log on as a service".** **[![SCCMm3.png](https://docs.apptimized.com/uploads/images/gallery/2024-02/scaled-1680-/sccmm3.png)](https://docs.apptimized.com/uploads/images/gallery/2024-02/sccmm3.png)** **Apptimized **shows the following window when successful**: ** **[![SCCMm4.png](https://docs.apptimized.com/uploads/images/gallery/2024-02/scaled-1680-/sccmm4.png)](https://docs.apptimized.com/uploads/images/gallery/2024-02/sccmm4.png)** The account name must contain** a domain: ** **[![SCCMm5.png](https://docs.apptimized.com/uploads/images/gallery/2024-02/scaled-1680-/sccmm5.png)](https://docs.apptimized.com/uploads/images/gallery/2024-02/sccmm5.png)** **Apptimized** shows an error if a user doesn’t exist: [![SCCMm6.png](https://docs.apptimized.com/uploads/images/gallery/2024-02/scaled-1680-/sccmm6.png)](https://docs.apptimized.com/uploads/images/gallery/2024-02/sccmm6.png) After this action, the user can push the application same as it was in the **previous** **version**, even in case he is **signed out**. ##### Install Behavior Settings If needed to close apps before installation a user should go to > **Administration** > Settings> Integration> **SCCM**> Project settings >Create Deployment type >**Install Behavior Settings** and add an **Executable File Name** and a **Display Name**. [![Inslallbehavior1.png](https://docs.apptimized.com/uploads/images/gallery/2024-04/scaled-1680-/inslallbehavior1.png)](https://docs.apptimized.com/uploads/images/gallery/2024-04/inslallbehavior1.png) It is possible more than one apps to be closed. Adding **more fields** is available under **Actions.** **[![Inslallbehavior2.png](https://docs.apptimized.com/uploads/images/gallery/2024-04/scaled-1680-/inslallbehavior2.png)](https://docs.apptimized.com/uploads/images/gallery/2024-04/inslallbehavior2.png)** After entering the proper names a user must click on a **Save** button. [![Installbehavior3.png](https://docs.apptimized.com/uploads/images/gallery/2024-04/scaled-1680-/installbehavior3.png)](https://docs.apptimized.com/uploads/images/gallery/2024-04/installbehavior3.png) A **Software Center** shows the following when successful: [![Installbehavior4.png](https://docs.apptimized.com/uploads/images/gallery/2024-04/scaled-1680-/installbehavior4.png)](https://docs.apptimized.com/uploads/images/gallery/2024-04/installbehavior4.png) ### Manage project roles SCCM Connector requires the assignment of the project user to the role with the required permission. Assign needed permissions under **Roles** in a project setting. [![sccm_17.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/t4cHPiFkzN7a8SZm-sccm_17.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/t4cHPiFkzN7a8SZm-sccm_17.png) It is possible to add permission to the existing group or create a new one by clicking on the “**Add new role**” button, as shown on the screenshots below. [![sccm_18.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/5teW7nWyHApBpmyl-sccm_18.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/5teW7nWyHApBpmyl-sccm_18.png) The new role requires its name and SCCM project permission. [![sccm_20_01.png](https://docs.apptimized.com/uploads/images/gallery/2023-02/scaled-1680-/tE1RfeZth3bia1MI-sccm_20_01.png)](https://docs.apptimized.com/uploads/images/gallery/2023-02/tE1RfeZth3bia1MI-sccm_20_01.png) Apptimized shows the following notification when completed successfully: [![sccm_21.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/WgsggGRtUF5BIij9-sccm_21.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/WgsggGRtUF5BIij9-sccm_21.png) Users can be added to the role via **Update users** or **Update groups** screens. [![sccm_22_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/3E9G0q1LhsxKKcvS-sccm_22_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/3E9G0q1LhsxKKcvS-sccm_22_1.png) [![sccm_22_2.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/qS2emMQxV5erabKm-sccm_22_2.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/qS2emMQxV5erabKm-sccm_22_2.png) A new group or user can be selected on the next screen, and click on **Save** persists all changes. [![sccm_23.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/Rona1PGaSsbtmUhj-sccm_23.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/Rona1PGaSsbtmUhj-sccm_23.png) [![sccm_24.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/mC1Pt2IACanc7Abs-sccm_24.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/mC1Pt2IACanc7Abs-sccm_24.png) A current role can be changed with the **Edit** screen and by following the same set of operations as for adding a new role. [![sccm_22_3.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/AWPjflLYMXjAjfpr-sccm_22_3.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/AWPjflLYMXjAjfpr-sccm_22_3.png) [![sccm_25_01.png](https://docs.apptimized.com/uploads/images/gallery/2023-02/scaled-1680-/YhtsX7FftabpCtTj-sccm_25_01.png)](https://docs.apptimized.com/uploads/images/gallery/2023-02/YhtsX7FftabpCtTj-sccm_25_01.png) The role can be removed by clicking on the **Delete** button and after providing a confirmation. [![sccm_22_4.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/N3dZ6GK89tX3Ne33-sccm_22_4.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/N3dZ6GK89tX3Ne33-sccm_22_4.png) [![sccm_26.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/EEi9vPf9VJqqYQS6-sccm_26.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/EEi9vPf9VJqqYQS6-sccm_26.png) ### # Infrastructure ### Infrastructure components The figure below shows the scheme of the SCCM connector infrastructure. ### [![Drawing-2_3_3.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/LAO46MZ7RkZ24aSX-Drawing-2_3_3.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/LAO46MZ7RkZ24aSX-Drawing-2_3_3.png) The infrastructure components details are described in Tables 1 - 2. Table 1. Infrastructure components
**Component** **Details**
1\. Apptimized Portal The platform where Apptimized customer manages projects portfolios. Requires an active project with enabled and configured SCCM connector settings.
The screenshot below shows the Apptimized Portal interface. [![sccm_adm_01.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/ddy7ZMWiUcGn4t98-sccm_adm_01.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/ddy7ZMWiUcGn4t98-sccm_adm_01.png) Table 2. Infrastructure components
**Component** **Details**
2\. Customer Environment Information technology environment, including software, hardware, and systems (e.g., endpoint PCs, VMs, servers, networks).

The access of endpoint PC or VM to the 443 port of the app.apptimized.com host is a prerequisite.

2.1. Proxy server This component is optional. A proxy server is a third party between the customer and the service (the Apptimized Portal). A proxy server manages the requests sent by the customer and completes them depending on the system's preferences.
2.2. Apptimized SCCM connector A tool that enables customers to deploy ready-made packages directly from Apptimized to an SCCM environment and to upload applications from the SCCM server to Apptimized for testing purposes or further processing. It connects Apptimized Portal and SCCM Admin Console via HTTPS long-polling strategy, where the SCCM connector pulls data from the Apptimized portal every 10 seconds. The SCCM connector must be launched on a local PC by the domain administrator or domain user. Runs on platforms: Microsoft Windows Desktop (Windows 7 and above) or Server OS (Windows Server 2012 R2 and above) with installed .NET Framework 4.6.1
2.3. SCCM administrator console Console to manage applications in the customer environment.
2.4. Customer SCCM server Customer’s server where the SCCM is installed.
The screenshot below shows the SCCM administrator console interface. [![image_2020-07-07_11-26-03.png](https://docs.apptimized.com/uploads/images/gallery/2020-07/scaled-1680-/A9U1eZoMPEM4Gwof-image_2020-07-07_11-26-03.png)](https://docs.apptimized.com/uploads/images/gallery/2020-07/A9U1eZoMPEM4Gwof-image_2020-07-07_11-26-03.png) ### Communication process The Apptimized Portal communicates to the Customer environment via API. To integrate the Apptimized Portal with the SCCM environment, the SCCM Connector must be installed to the endpoint PC. The SCCM Connector pings Apptimized Portal every 10 seconds for a new data on the project. To identify the customer, only the remote ID is used. Any other data from the customer will not be requested. When data is received from the Apptimized Portal, the SCCM Connector transforms it to [Powershell](https://docs.microsoft.com/en-us/powershell/scripting/overview?view=powershell-7) commands to communicate with the SCCM administrator console on the endpoint PC. The SCCM administrator console sends information to the SCCM server within its communication protocols and methods. The information flow content depends on the type of customer activity (see Cases 1-2). ##### Case 1. A customer pushes **TimKosse\_FileZilla\_3.46.3\_English(United States)** to SCCM. Outbound information** - a data sent from the Apptimized Portal: - the SCCM administrator console connection parameters

Site code - **DEM**; Path to the SCCM console - **C:\\Program Files (x86)\\Microsoft Configuration Manager\\AdminConsole\\bin**; Path to the network share - **\\\\WIN-2HDJCBHRRVB\\Sources$\\incoming\\TimKosse\_FileZilla\_3.46.3\_English(United States)**.

- package metadata;

Package name - **TimKosse\_FileZilla\_3.46.3\_English(United States)**; Application version - **3.46.3**; Application vendor - **Tim Kosse**; Application name - **FileZilla**; Application language - **English(United States);** Auto-install in task sequence of SCCM console - **Yes;** Application owner - **The default value is customer's name (i.e. John Doe);** Application description (optional) - Will be sent, if something has been indicated; SCCM optional reference (optional) - Will be sent, if something has been indicated; Folder in the SCCM console UI - **Applications/Test 1**.

- an application (package) sources in **.zip** format;

An archive in **.zip** format contains a PSADT Wrapper and a package source in **.msi** format.

- a deployment type information;

Deployment type name - **TimKosse\_FileZilla\_3.46.3\_English(United States)\_DT**; Path to the source in SCCM environment network - **\\\\WIN-2HDJCBHRRVB\\Sources$\\incoming\\TimKosse\_FileZilla\_3.46.3\_English(United States)**; Name of the default distribution group - **Demo Distribution Group**; Installer type - **Script Installer;** Script type for the detection method - **Powershell;** Detection script content - **Get-ItemProperty "HKLM:Software\\ TimKosse\_FileZilla\_3.46.3\_English(United States)\\TimKosse\\FileZilla \\3.46.3" -ErrorAction SilentlyContinue | Where { $\_.IsInstalled -eq 1 }**; Persist content in client cache - **Yes**; Installation command with parameters - **Deploy-Application.exe -DeploymentType Install**; Uninstallation command with parameters - **Deploy-Application.exe -DeploymentType Uninstall**; What to do on slow network - **Download**; Maximum installation time (minutes) - **120**; Estimated installation time by default (minutes) - 0; Run installation program as a 32-bit process on 64-bit client - **No**; Admin comment (optional) - Will be sent, if something has been indicated.

- deployment information for the application/package;

Collection name - **Demo devices;** Install or uninstall the application by default - **Install**; Deploy purpose of the installation by default - **Available;** Deadline date - **02.02.2020 00:00;** Deadline time - **18:00**; Time zone of a deadline - **Local time**.

**Inbound information** - a data sent to the Apptimized Portal: - a response to the outbound information commands (result - OK); - request to get information with remote ID parameter

Remote ID - **1745a854-2d9a-4f99-8a04-d511882f7028**.

##### Case 2. A customer imports **TimKosse\_FileZilla\_3.46.3\_English(United States)** from SCCM. **Outbound information** - a data sent from the Apptimized Portal: - the SCCM administrator console connection parameters;

Site code - **DEM**; Path to the SCCM console - **C:\\Program Files (x86)\\Microsoft Configuration Manager\\AdminConsole\\bin**; Path to the network share - **\\\\WIN-2HDJCBHRRVB\\Sources$\\incoming\\ TimKosse\_FileZilla\_3.46.3\_English(United States)**.

- a command to get a list of applications in the SCCM administrator console; ``` Get-WmiObject -Namespace ROOT\SMS\Site_$SiteCode `         -Query "SELECT * FROM SMS_ObjectContainerNode WHERE ObjectType='6000'" | `         Select-Object -Property Name, ContainerNodeID, ParentContainerNodeId; ``` - a command to get metadata of applications in the SCCM administrator console; ``` GetApplicationsMetadata(string stringPsApps) =>             SccmResultHelper.ConvertToSccmObjects(                 ExecutePsCommand($"Get-CMApplication | `" +                     $"Select-Object -Property LocalizedDisplayName, SDMpackageXML | `" +                     $"Where-Object {{({stringPsApps}).Contains($_.LocalizedDisplayName)}} | `" +                     $"Select-Object -ExpandProperty SDMpackageXML", out _)); ``` - a command to get an application (package) sources in the SCCM administrator console. The SCCM Connector will receive the path to the SCCM application source from SCCM application metadata. It will be zipped and sent to the Apptimized Portal. Inbound information** - a data sent to the Apptimized Portal: - request to get information with remote ID parameter

Remote ID - **1745a854-2d9a-4f99-8a04-d511882f7028.**

- an application (package) sources in **.zip** format;

An archive in **.zip** format contains a PSADT Wrapper and a package source in **.msi** format.

- a list of SCCM applications (or one specific application)

An application - **TimKosse\_FileZilla\_3.46.3\_English(United States)**; An application related data: "Path":"/Test 1", "ContainerId":"16777218", "ResourceId":"Res\_810274514", "IsDuplicated":false.

- an application's metadata in the SCCM administrator console;

Package name - **TimKosse\_FileZilla\_3.46.3\_English(United States)**; Application version - **3.46.3**; Application vendor - **Tim Kosse**; Application name - **FileZilla**; Application language - **English(United States).**

### Communication methods The SCCM Connector is configured to communicate with the Apptimized Portal using HTTPS protocol. The text box below provides the certificate details:

Issued by – K Software certificate Authority (DV) 2 [https://sectigo.com/legal](https://sectigo.com/legal) Version – V3 Signature algorithm – sha256RSA Signature hash algorithm – sha256 Public key – RSA (2048 Bits) TLS – 1.2

The Powershell commands are implemented to communicate the SCCM Connector with the SCCM Console. The text box below provides the commands list depending on the client's activities. 1. **Push to SCCM:** - Import-Module .\\ConfigurationManager.psd1; - New-CMApplication; - Add-CMDeploymentType; - Add-CMMsiDeploymentType; - Start-CMContentDistribution; - Start-CMApplicationDeployment; - Move-CMObject -FolderPath; - Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope Process -Force. 2. **Import from SCCM:** - Import-Module .\\ConfigurationManager.psd1; - Get-CMApplication; - Get-WmiObject; - Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope Process -Force. # Security and limitations To ensure security Apptimized complies with the following cybersecurity standards: - ISO 15408; - ISO/IEC 27001; - ISO/IEC 27002; - ANSI/ISA 62443 (Formerly ISA-99); - IEC 62443; A military-grade security protocol ([TLS/SSL](https://docs.microsoft.com/en-us/windows-server/security/tls/tls-ssl-schannel-ssp-overview)) is used by Apptimized to provide privacy and data integrity between two or more communicating applications. Apptimized safety audit entails a network scan of its resources to identify vulnerabilities and non-penetration. The screenshot below shows the vulnerability report provided by **Detectify** for **app.apptimized.com**. [![sccm_adm_03_4.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/MmESvmM2142UiAbc-sccm_adm_03_4.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/MmESvmM2142UiAbc-sccm_adm_03_4.png) The screenshots below show the SSL report of **app.apptimized.com**. [![sccm_adm_05_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/FDOxbDM9eImMUoJX-sccm_adm_05_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/FDOxbDM9eImMUoJX-sccm_adm_05_1.png) [![sccm_adm_05_5.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/ochmWF8LIzubGeyF-sccm_adm_05_5.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/ochmWF8LIzubGeyF-sccm_adm_05_5.png) The SCCM connector must be launched on a local PC by the domain administrator or domain user. Domain user must have the permissions to: - create applications, deployment types, and deployments; - write permissions for network share with packages source media for automatic media transfer. # Technical workflows ### Push to SCCM workflow The figure below shows the push to the SCCM workflow. The instructions for SCCM connector integration are considered in the [Apptimized SCCM connector integration user manual](https://docs.apptimized.com/books/apptimized-platform-admin-manual/page/integration "Integration"). [![Push-to-SCCM.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/P8yGeoawkOAREXaR-Push-to-SCCM.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/P8yGeoawkOAREXaR-Push-to-SCCM.png) ### Import from SCCM workflow The figure below shows the import from the SCCM workflow. The instructions for import from SCCM are considered in the [Apptimized SCCM connector integration user manual](https://docs.apptimized.com/books/apptimized-platform-admin-manual/page/integration "Import from SCCM"). [![Import-from-SCCM.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/R0fksfo8TlIYxME8-Import-from-SCCM.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/R0fksfo8TlIYxME8-Import-from-SCCM.png) # Intune User Guide # Introduction **[Intune](https://docs.microsoft.com/en-us/mem/intune/fundamentals/what-is-intune)** is a cloud-based service that focuses on mobile device management (MDM) and mobile application management (MAM) which enables the following: - To be 100% cloud with Intune, or to be co-managed with Configuration Manager and Intune; - To set rules and configure settings on personal and organization-owned devices to access data and networks; - To deploy and authenticate apps on devices (both on-premises and mobile); - To control the way users access and share information; - To stay compliant with company security requirements. Integration **Intune** with **Apptimized** saves time and enables a user to upload, update, and manage the ready-made packages without the need to leave Apptimized. Initial integration to **Apptimized** requires a one-time configuration of settings in the [**Microsoft** **Azure**](https://portal.azure.com/) portal and the [**Apptimized portal**](https://app.apptimized.com/), namely: - Application registrations in the Microsoft Azure portal; - Assigning permissions to a user to work with Microsoft Intune from the Microsoft Azure portal; - Integration of the application from the Microsoft Azure portal into the Apptimized portal. # Integration #### Application registrations The application registration is carried out in the Microsoft Azure portal via administrative credentials. A user can choose one of the following types of accounts: A tenant admin account; - A tenant user account (with the enabled **“Users can register applications”** setting). The option to open an application registration page is available under: - **Microsoft Azure** portal > **Azure services** > **App registrations**; [![intune_01.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/ql2t7GeHU7oa1KFn-intune_01.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/ql2t7GeHU7oa1KFn-intune_01.png) - **Microsoft Azure** portal > Search > Enter a search request (i.e., “App registrations”) > Select the service in the list > **App registrations**; [![intune_02_02.png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/q7ncDCyqN1eH0oih-intune_02_02.png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/q7ncDCyqN1eH0oih-intune_02_02.png) - **Microsoft Azure** portal > Menu > All services > Enter a search request (i.e., “App registrations”) > Select the service in the list > **App registrations**. [![intune_03_03.png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/yC2QnvLLANcWCJZq-intune_03_03.png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/yC2QnvLLANcWCJZq-intune_03_03.png) **Microsoft Azure** portal shows the screen when successful: [![intune_04_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/Wjely3sX4Cys5DwG-intune_04_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/Wjely3sX4Cys5DwG-intune_04_1.png) The option to create a new application registration is available under the **New registration** option. [![intune_05.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/lcgEArRMyPn4ljJz-intune_05.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/lcgEArRMyPn4ljJz-intune_05.png) Microsoft Azure portal shows the Create window when successful: [![intune_06_01.png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/BK5Q9Jma32fJJnFN-intune_06_01.png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/BK5Q9Jma32fJJnFN-intune_06_01.png) To create a new application registration, a user fills in the fields in the form (see Table 1 and the [Microsoft Azure manual](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app)). Table 1. A new application registration
**Field name** **Details**
NameThis field sets a meaningful application name to display to users (i.e., **Apptimized Intune Test**)
Supported accountsThis option identifies types of accounts that can use the application. Three options available: - Accounts in this organizational directory only; - Accounts in any organizational directory; - Accounts in any organizational directory and personal Microsoft accounts; - Personal Microsoft account only.
Redirect URIThis setting is optional, and the values can be provided later. [![intune_07.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/dEYiRGrv0j8eCFmJ-intune_07.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/dEYiRGrv0j8eCFmJ-intune_07.png)
When clicking on the **Register** button, **Microsoft Azure** portal shows the following screen: [![intune_08.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/Cei3dkzsqedEEn6N-intune_08.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/Cei3dkzsqedEEn6N-intune_08.png) When the application is successfully registered, a user needs to make a series of settings steps, namely: - To add a redirect URIs; - To add new client secret string; - To grant permissions to the application to call API. Next, each setting block is shown in more detail. The option to add redirect URIs to the application is available under the **All services** > **App registrations** > Select the application in the list > **Manage** menu > **Authentication** > Platform configurations > Add a platform> Web > Redirect URLs > Fill in new URI > **Configure** button. The following URL is required to be added: **https://app.apptimized.com/Account/AuthCode** [![intune_09_02-(1).png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/lFojk8DEexa61qgn-intune_09_02-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/lFojk8DEexa61qgn-intune_09_02-(1).png) The option to add new client secret string is available under the **All services** > **App registrations** > Select the application in the list > **Manage** menu > **Certificates & secrets** > Client secrets > **New client secret** button > Fill in the **description** > Set the **expiry** mode > **Add** button. [![intune_10_02.png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/yZe6C4UdTst5rUZD-intune_10_02.png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/yZe6C4UdTst5rUZD-intune_10_02.png)

**Note.** When clicking on the **Add** button, the client secret value appears (i.e., **~\_fd-Y49~haNZ~g8RbDz9yQCF4KQ\_\_1j49**). A user must copy the value to the clipboard to use it in the client’s application code. It becomes inaccessible once a user leaves this page. The **Client secret** value correlates with the **Client secret** field when integrating **Intune** into the **Apptimized** portal.

[![intune_11_02.png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/ksgCXV9lGzvrlvxw-intune_11_02.png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/ksgCXV9lGzvrlvxw-intune_11_02.png) The option to [configure permissions](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent) to the application to call API is available under **All services** > **App registrations** > Select the application in the list > **Manage** menu > **API permissions** > Add a permission > **Microsoft Graph**. [![intune_12.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/vcOAtYP74pNPHpkV-intune_12.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/vcOAtYP74pNPHpkV-intune_12.png) **Microsoft Azure** portal shows the following screen when successful: [![intune_13.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/LbjJm0Jl5zdNW88e-intune_13.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/LbjJm0Jl5zdNW88e-intune_13.png) The option to set the types of permissions to the application is available under the **Delegated permissions** button > Select the permissions from the list > **Add permissions** button. The screenshot below shows the list of enabled permissions: [![IntunePermissions1.png](https://docs.apptimized.com/uploads/images/gallery/2024-03/scaled-1680-/intunepermissions1.png)](https://docs.apptimized.com/uploads/images/gallery/2024-03/intunepermissions1.png) Some delegated permissions can be consented by non-administrative users, but some higher-privileged permissions require administrator consent. The option to grant permissions is available under the **Grant admin consent for \[company name\]** button. [![Intune_51_1.png](https://docs.apptimized.com/uploads/images/gallery/2022-11/scaled-1680-/7x9tcR8L6ovBVp9e-Intune_51_1.png)](https://docs.apptimized.com/uploads/images/gallery/2022-11/7x9tcR8L6ovBVp9e-Intune_51_1.png)

**Note.** If the application runs as a background service or daemon without a signed-in user, the required option is **Application permissions**. The **Applications permissions** are the permissions that are used by applications that run without a signed-in user present. Using Application permissions enables Apptimized users to push packages to Intune without requiring an own Intune access or even an AAD account in the target Azure directory. By configuring the use of application permissions, the API will be authorized to push packages to Intune without requiring an authenticated AAD Intune user with adequate permissions to provide this authorization. [![IntuneAppPermisions.png](https://docs.apptimized.com/uploads/images/gallery/2024-03/scaled-1680-/intuneapppermisions.png)](https://docs.apptimized.com/uploads/images/gallery/2024-03/intuneapppermisions.png) The **DeviceManagementApps** permissions in **Applications permissions** are identical to **Delegated permissions** group. [![PermissionsIntune.png](https://docs.apptimized.com/uploads/images/gallery/2024-03/scaled-1680-/permissionsintune.png)](https://docs.apptimized.com/uploads/images/gallery/2024-03/permissionsintune.png)

#### Integration of the application from the Microsoft Azure portal into the Apptimized portal The one-time configuration is available for project administrators under the **Project** menu > **Administration** > **Settings** > Integration section > **Intune**. [![intune_22.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/NtaZSECAxPcl6tTM-intune_22.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/NtaZSECAxPcl6tTM-intune_22.png) **Intune** becomes active when switched on and once the required settings are completed. All required fields are marked with an asterisk \*. [![intune_23_2.png](https://docs.apptimized.com/uploads/images/gallery/2021-12/scaled-1680-/4gqSRUSIBNFOGS8Q-intune_23_2.png)](https://docs.apptimized.com/uploads/images/gallery/2021-12/4gqSRUSIBNFOGS8Q-intune_23_2.png) Table 2. Basic settings
**Settings** **Details**
Tenant Identifier The **Tenant Identifier** corresponds to the term **Directory (tenant) ID** in the **Microsoft Azure** portal. The Directory (tenant) ID is a unique identifier generated automatically by the Microsoft Azure portal for every application during its creation. [![intune_25_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/fw0KzOjRiNVogdTB-intune_25_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/fw0KzOjRiNVogdTB-intune_25_1.png)
Client Identifier The **Client Identifier** corresponds to the term **Application (client) ID** in the **Microsoft Azure** portal. The Application (client) ID is a unique identifier generated automatically by the Microsoft Azure portal for every application during its creation. [![intune_25_2.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/Z0tLJtUsY8NZG6bs-intune_25_2.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/Z0tLJtUsY8NZG6bs-intune_25_2.png)
Client Secret The **Client Secret** corresponds to the term **Value of secret** in the **Microsoft Azure** portal. The **Client Secret** is a unique identifier generated automatically by the Microsoft Azure portal for every application during its creation. [![intune_42.png](https://docs.apptimized.com/uploads/images/gallery/2021-12/scaled-1680-/SDy363ecyaq35vzd-intune_42.png)](https://docs.apptimized.com/uploads/images/gallery/2021-12/SDy363ecyaq35vzd-intune_42.png) [Learn more](#bkmrk-application-registra).
Use applications permissions The **Use application permissions **correspond to the term [**Applications permissions**](https://docs.apptimized.com/link/110#bkmrk-note.-if-the-applica) in the **Microsoft Azure **portal. The **Applications permissions** are the permissions that are used by applications that run without a signed-in user present. Using Application permissions enables Apptimized users to push packages to Intune without requiring an own Intune access or even an AAD account in the target Azure directory. By configuring the use of application permissions, the API will be authorized to push packages to Intune without requiring an authenticated AAD Intune user with adequate permissions to provide this authorization. [![intune_end_2.png](https://docs.apptimized.com/uploads/images/gallery/2021-12/scaled-1680-/njgHHWqpr71fI9Zd-intune_end_2.png)](https://docs.apptimized.com/uploads/images/gallery/2021-12/njgHHWqpr71fI9Zd-intune_end_2.png)
**Apptimized** shows the following notification when successful: [![intune_24.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/NqzR1bReU3EdAXpA-intune_24.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/NqzR1bReU3EdAXpA-intune_24.png) #### Manage project roles Intune requires the assignment of the project user to the role with the required permission. Assigning needed permissions is available under the **Project** menu > **Administration** > **Roles**. [![intune_26.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/g3me8FUuSNBiZse3-intune_26.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/g3me8FUuSNBiZse3-intune_26.png) It is possible to add permission to the existing group or to create a new one by clicking the **Add new role** button, as shown on the screenshots below. [![intune_27.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/scvirwhWhk2fKZaw-intune_27.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/scvirwhWhk2fKZaw-intune_27.png) The new role requires its meaningful name and Intune project permission. [![intune_28.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/tlAbdIOLRfMrZCIM-intune_28.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/tlAbdIOLRfMrZCIM-intune_28.png) Apptimized shows the following screen and notification when successful: [![intune_29.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/AejynNy5NrloyIZg-intune_29.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/AejynNy5NrloyIZg-intune_29.png) For a user to be able to perform any activities related to the Intune, he must be assigned a role with the **Intune project permission**. The option to assign the role to a user (or a group) is available under the **Update users** or **Update groups** buttons respectively. Instructions on how to edit or manage roles within the project are available in the **Apptimized Portal user manual** > [**Project role**](https://docs.apptimized.com/books/apptimized-platform-user-manual/page/project-roles) section. ##### Intune apps list The **Intune apps list** provides a user the information on the full list of applications from the **Microsoft Intune** portal available in the **Apptimized** portal. The **Intune apps list** enables a user to manage applications from the **Microsoft Intune** portal without leaving the **Apptimized** portal. The option to access Intune applications list is available under **Project menu** > **Intune apps.**
**[![image-for-article.png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/93mX2BhBZIwB7a96-image-for-article.png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/93mX2BhBZIwB7a96-image-for-article.png)** #### Assigning permissions to a user to work with Microsoft Intune from Microsoft Azure The option to open an application registration page is available under: - **Microsoft** **Azure** portal > Search > Enter a search request (i.e., “Intune”) > Select the service in the list > **Intune**; [![intune_16.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/s5ZEIeKvKZANN8zm-intune_16.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/s5ZEIeKvKZANN8zm-intune_16.png) - **Microsoft** **Azure** portal > Menu > All services > Enter a search request (i.e., “Intune”) > Select the service in the list > **Intune**. [![intune_17.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/8KUo4s7rdPfzr0GU-intune_17.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/8KUo4s7rdPfzr0GU-intune_17.png) **Microsoft Azure** portal shows the following screen when successful: [![intune_18_02.png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/Zb8Dhku19h4ifRwQ-intune_18_02.png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/Zb8Dhku19h4ifRwQ-intune_18_02.png) The option to add new [Intune role](https://docs.microsoft.com/en-us/mem/intune/fundamentals/role-based-access-control) is available under the **All services** > **Tenant administration** > **Roles** > **All roles** > **Create** button. [![intune_19_2.png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/WaHooLR4u87wG0Xl-intune_19_2.png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/WaHooLR4u87wG0Xl-intune_19_2.png) **Microsoft Azure** portal shows the screen when successful: [![Intune_20_2.png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/5V8wxdUQur618icI-Intune_20_2.png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/5V8wxdUQur618icI-Intune_20_2.png) The screenshot below shows the procedure for creating a new custom role (**Create** button > Enter role name > Enter role description > Select [**scope tags**](https://docs.microsoft.com/en-us/mem/intune/fundamentals/scope-tags) > **Create** button): [![intune_19.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/kZSc6BpAHKzha5rv-intune_19.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/kZSc6BpAHKzha5rv-intune_19.png) **Microsoft Azure** portal shows the following screen when successful: [![intune_19_8.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/RBbUUerjx8m9ijCI-intune_19_8.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/RBbUUerjx8m9ijCI-intune_19_8.png) When the new custom role appears in the list, the assignments must be provided. **Microsoft Azure** portal shows the following screen when clicking the new custom role name: [![intune_21_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/lqRnMwyKdlbIW3as-intune_21_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/lqRnMwyKdlbIW3as-intune_21_1.png) The option to provide assignments is available under the **Roles** > Select and click on role > **Assignments** > **Assign** button. The screenshot below shows the procedure for [role assignments](https://docs.microsoft.com/en-us/mem/intune/fundamentals/role-based-access-control) (**Assign** button > Enter role assignment name > Enter role assignment description > Select **admin groups** > Select **scope groups** > Select [**scope tags**](https://docs.microsoft.com/en-us/mem/intune/fundamentals/scope-tags) > **Create** button): [![INTUNE_20_2-(1).png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/K1imWPcy8mci9SdW-INTUNE_20_2-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/K1imWPcy8mci9SdW-INTUNE_20_2-(1).png) **Microsoft Azure** portal shows the following screen when successful: [![INTUNE_21_2.png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/Eqt75eBJuGFn1NOW-INTUNE_21_2.png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/Eqt75eBJuGFn1NOW-INTUNE_21_2.png) # Upload package to the Microsoft Intune from the Apptimized portal #### Package requirements Apptimized portal supports the following package formats: Table 3. Package formats
**Package type** **Details**
MSI Only packages with a single **MSI** file are supported. All external files (i.e., **CAB** and **CMD** files) should be included in the MSI package. The package size is capped at **8 GB** per package.
IntuneWin The **INTUNEWIN** file is created through the use of the **Microsoft Win32 Content Prep Tool**. The packaging tool converts application installation files into the **.intunewin** format via zipping all files and subfolders To use Win32 app management, a user must ensure the following criteria: - Windows 10 version 1607 or later (Enterprise, Pro, and Education versions); - Devices must be joined to Azure AD and auto-enrolled; - Windows application size is capped at **8 GB** per app. [Learn more](https://docs.microsoft.com/en-us/mem/intune/apps/apps-win32-app-management).
Apptimized portal shows an error message when these requirements are not fulfilled: [![intune_33.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/V68jbpCqmLeITtyf-intune_33.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/V68jbpCqmLeITtyf-intune_33.png) #### Upload the package to Microsoft Intune Before uploading the package to the Microsoft Intune, a user must ensure the availability of a ready-made package. The package can be generated using the **Packaging – Self Service** or **Packaging – Factory Service** steps of the **Project** workflow. [Learn more](https://docs.apptimized.com/books/apptimized-platform-user-manual/page/packaging) about how to package the application.

**Note.** Packages are available for upload from the Apptimized portal to Intune only after finishing the **Packaging** step (Self Service or Factory Service). In other words, the ready-made package that was imported to the project on the **Import** step (i.e., the Package step is skipped) is not available for upload to Intune.

Apptimized portal supports the One-To-One-Integration model (i.e., 1 Apptimized project can be integrated into 1 Client App on the Microsoft Intune). The option to upload the package to Microsoft Intune is available under the **Project** menu > **Dashboards** > **Portfolio** > Select an application > **Actions** column > **Push to Intune** option. [![intune_30.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/oqh2j8Kgi7cZoYWi-intune_30.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/oqh2j8Kgi7cZoYWi-intune_30.png) [![intune_31.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/5tOUbKuDalJrAK0I-intune_31.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/5tOUbKuDalJrAK0I-intune_31.png) Apptimized portal shows the following screen when successful: [![intune_32_2.png](https://docs.apptimized.com/uploads/images/gallery/2021-09/scaled-1680-/uRNEXyBlmScubEwy-intune_32_2.png)](https://docs.apptimized.com/uploads/images/gallery/2021-09/uRNEXyBlmScubEwy-intune_32_2.png) The **Intune apps list** provides a user the information on the full list of applications from the **Microsoft Intune** portal available in the **Apptimized** portal. The **Intune apps list** enables a user to manage applications from the **Microsoft Intune** portal without leaving the **Apptimized** portal. The option to upload the package to the **Microsoft Intune** portal is available under the **Add IntuneWin** button. The application information screen appears when successful: [![intune_34_2.png](https://docs.apptimized.com/uploads/images/gallery/2021-09/scaled-1680-/tzGQAIeHL50nEaHk-intune_34_2.png)](https://docs.apptimized.com/uploads/images/gallery/2021-09/tzGQAIeHL50nEaHk-intune_34_2.png) Table 4. Application settings
**Setting** **Description**
**Application metadata block**
Display name This setting indicates the application name that will be displayed in the Intune apps list (i.e., **Tim Kosse FileZilla**). A user must make sure that the name of the application is entered as it appears in the Company Portal. All names must be unique. The field comes pre-filled based on the application’s metadata. This field is required.
Description This setting helps the device users to understand what the application is and/or what they can do in the application. This description appears in the company portal. This field is required.
Publisher This setting indicates the name of the developer or the company’s name that distributes the application. This information appears in the company portal. This field is required.
Privacy URL This setting indicates the URL of a website that contains privacy information about the application. The URL appears in the company portal.
Information URL This setting indicates the URL of a website that contains information about the application (I.e., a link to a website or documentation that provides more information about the application). The URL appears in the company portal.
**Application installation block**
Install command This setting configures the application installation command line to install the application (i.e., **msiexec /i "TimKosse\_FileZilla\_3.46.3.msi" /q**). The field comes pre-filled based on the package’s metadata (in the case a package contains the MSI). This field is required.
Uninstall command This setting configures the application uninstallation command line to uninstall the application based on its GUID (i.e., **msiexec /x "{C67DBEF5-4637-451C-991C-8794D3ECA1F6}" /q**). The field comes pre-filled based on the package’s metadata (in the case a package contains the MSI). This field is required.
Minimal system architecture This setting indicates the minimal system architecture requirements. The following options are available: - Windows 10 1607; - Windows 10 1703; - Windows 10 1709; - Windows 10 1803; - Windows 10 1809; - Windows 10 1903. The default value is **Windows 10 1607**. This field is required.
Operating system architecture This setting indicates the operating system architecture type. The following options are available: - 32-bit; - 64-bit. Multiple choice is available. This field is required.
Install context This field indicates the type of execution context the app runs in. The following options are available: - System - User The default value is **System**.
**MSI information block**
Product name This setting indicates the product name that will be displayed n the Microsoft Intune portal (i.e., **FileZilla**). The field comes pre-filled based on the application’s metadata. This field is required.
Product code This setting indicates the product code that is generated automatically using the GUID function (i.e., **{C67BDEF5-4637-451C-661C-8794D3ECA1F6}**). The field comes pre-filled. This field is required.
Publisher This setting indicates the publisher's name that will be displayed in the Microsoft Intune portal (i.e., **Tim Kosse**). The field comes pre-filled based on the application’s metadata. This field is required.
Product version This setting indicates the application version that will be displayed in the Microsoft Intune portal (i.e., **3.46.3**). The field comes pre-filled based on the application’s metadata.
**Detection rules block**
Detection type This setting indicates the detection rule type. The following options are available: - Msi (Verify based on MSI version check); - File (Verify based on file or folder detection, date, version, or size); - Registry (Verify based on value, string, integer, or version). - Script (Verify based on script).

**Note.** The detection rules are used to detect the presence of the application (i.e., **Microsoft Intune** can determine that the **IntuneWin** package has been installed).

Table 5. Detection rule types
**Detection rule type** **Description**
Msi [![intune_35_2.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/xOMosFi8LGmF9KdU-intune_35_2.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/xOMosFi8LGmF9KdU-intune_35_2.png) The **Product Code** field requires a valid MSI product code for the application. The following options to provide the product code available: - Msi information block > Product code; - To extract from the MSI package. The option to verify the MSI product version in addition to the MSI product code is available under the **Check product version** checkbox. [![intune_35_3.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/k3bgtY3rzyWQLBE7-intune_35_3.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/k3bgtY3rzyWQLBE7-intune_35_3.png) The option to set the operator condition rules is available under the **Operator** field. The following options are available: - Equals; - Not equal to; - Greater than or equal to; - Greater than; - Less than or equal to; - Less than. The default value is **Equals**. The **product version** field sets the application version that will be used for applying the operator condition rules. All required fields are marked with an asterisk \*.
File [![intune_35_5.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/4WA63h3jpWrJjUdS-intune_35_5.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/4WA63h3jpWrJjUdS-intune_35_5.png) The **Path** field requires the full path of the folder containing the file or folder to detect. The **File or folder** field requires the file or folder to detect. The **Detection method** field requires the type of detection method used to validate the presence of the application. The following options are available: - Date created; - Date modified; - File or folder exists; - Size in MB; - String (version). The default value is **File or folder exists**. All required fields are marked with an asterisk \*.
Registry [![intune_35_7.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/xQ2Q3WinuPziw3Cd-intune_35_7.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/xQ2Q3WinuPziw3Cd-intune_35_7.png) The **Key path** field requires the full path of the registry entry containing the value to detect. The **Value name** field requires the name of the registry value to detect. The **Detection method** field requires the type of detection method used to validate the presence of the application. The following options are available: - Key exists; - Key does not exist; - Integer comparison; - String comparison; - Version comparison. The default value is **Key exists**. All required fields are marked with an asterisk \*.
Script [![intune_39.png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/n6qElzAQIUPY77ef-intune_39.png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/n6qElzAQIUPY77ef-intune_39.png) The **Script content **field requires the full script code containing the PowerShell script to detect app presence The option to reprioritize signature check is available under **Enforce signature check **checkbox The option to run script in 32 bit mode is available under **Run as 32 bit **checkbox.
The ability to set multiple detection rules types is available under the **plus** symbol. [![intune_36.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/6E22WbFDBkckDXvC-intune_36.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/6E22WbFDBkckDXvC-intune_36.png) The option to delete the detection rules type is available under the **bin** symbol. [![intune_36_3.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/o6uaNsz4EbS2FOHy-intune_36_3.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/o6uaNsz4EbS2FOHy-intune_36_3.png) The application becomes available in the **Intune apps list** when clicking on the **Add** button and once the required settings are completed. The synchronization process may take a few moments. [![intune_37.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/uYtQPuhicrbzLXKJ-intune_37.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/uYtQPuhicrbzLXKJ-intune_37.png) The application disappears from the **Intune apps list** in the **Apptimized** portal when deleted in the **Microsoft Intune** portal. #### Edit application metadata The option to change the metadata of the application is available under the **Edit** button. [![intune_38.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/Ay6tT6V58M6TEkmv-intune_38.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/Ay6tT6V58M6TEkmv-intune_38.png) Apptimized shows the following modal window: [![intune_39_2.png](https://docs.apptimized.com/uploads/images/gallery/2020-05/scaled-1680-/Bwl4AR1iEvRruQE6-intune_39_2.png)](https://docs.apptimized.com/uploads/images/gallery/2020-05/Bwl4AR1iEvRruQE6-intune_39_2.png) The added or changed metadata information applies when clicking the **Save** button. After that, the application metadata is successfully saved for the application in the **Microsoft Intune** portal. # Apptimized TO GO Agent User Guide # Apptimized TO GO Agent integration #### Enable Apptimized TO GO agent The one-time configuration is available for project administrators under **Settings** in the project menu > **Apptimized TO GO** section. Apptimized - TO GO becomes active when switched on. [![to_go_02_2.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/ja7IqWTFZpix6JCP-to_go_02_2.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/ja7IqWTFZpix6JCP-to_go_02_2.png) Settings are persisted on click to **Save** button. [![to_go_04_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/l7hlXAX6o1rk0YGb-to_go_04_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/l7hlXAX6o1rk0YGb-to_go_04_1.png) If the endpoint connects to the internet via the proxy server, configure the connection by turning on **Enable proxy** and selecting **Use default windows credentials** or providing credentials in **Username** and **Password** fields. Settings are persisted on click to **Save** button. In case of success, Apptimized shows the following notification: [![to_go_03.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/SddXnRmc5HQHEwUS-to_go_03.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/SddXnRmc5HQHEwUS-to_go_03.png) #### Apptimized TO GO agent installer The integration procedure ends up with the installation of Apptimized TO GO Agent to the endpoint PC. The installer is available for project administrators under **Settings** in project menu > **Apptimized TO GO** section > **Download Apptimized - TO GO installer** button. [![to_go_04.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/TNoacvnnOp2xLNH1-to_go_04.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/TNoacvnnOp2xLNH1-to_go_04.png) The installer comes compressed in the **ApptimizedTOGO.zip** archive. [![to_go_05_3.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/amraP3I4OJmVQKfM-to_go_05_3.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/amraP3I4OJmVQKfM-to_go_05_3.png) Installation starts by launching **install.cmd.** **Apptimized TO GO** agent installs silently and takes few minutes to complete. [![to_go_06.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/JphYHtqCInoizON4-to_go_06.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/JphYHtqCInoizON4-to_go_06.png) **Apptimized TO GO** agent launches from the Start menu: [![to_go_07.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/E7Uyu6wsJbGp2Lk0-to_go_07.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/E7Uyu6wsJbGp2Lk0-to_go_07.png) #### #### Application import To run the **Discovery** or **Testing** process via **Apptimized TO GO** the application must be imported to the project. The option to start the import is called “**Classic import**”. It is available under **Import** in project menu > **Start Import** section > **Classic import** option. [![to_go_08_2.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/UZhQoLS0zqkVZq2I-to_go_08_2.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/UZhQoLS0zqkVZq2I-to_go_08_2.png) The initial preparation process may take a while. In case of success, Apptimized shows the **Upload sources and discovery document** step. [![to_go_09.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/c3nEbDex5kJhgwqo-to_go_09.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/c3nEbDex5kJhgwqo-to_go_09.png) Three options to upload **Installation Source** are available: - Upload application file from customer's PC; [![to_go_10_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/6NVJj2N85iCJXVbP-to_go_10_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/6NVJj2N85iCJXVbP-to_go_10_1.png) - Upload application file from the Internet; [![to_go_10_2.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/9cIKk4pBr35ZimZB-to_go_10_2.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/9cIKk4pBr35ZimZB-to_go_10_2.png) - Upload application file from the file storage. [![to_go_10_3.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/LDm4uNLJnFxaEqlF-to_go_10_3.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/LDm4uNLJnFxaEqlF-to_go_10_3.png) The **Installation Source** uploading progress is shown as follows: [![to_go_11.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/1xMzEPX7lMeXgGqY-to_go_11.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/1xMzEPX7lMeXgGqY-to_go_11.png) The uploading time depends on the application's size. When the download of the application is completed, the customer can start uploading another application. **Five** application uploads are available for one session. Uploading **Discovery** **Document** is optional. A discovery document can be generated in previous sessions. **One** discovery document upload is available for **one** session. The **Upload sources and discovery document** step finalizes by clicking on the **Next** button. Apptimized shows the **Metadata** step when successful. [![to_go_12.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/RIzmmDhx5RAzUN6P-to_go_12.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/RIzmmDhx5RAzUN6P-to_go_12.png) The process reverts to the previous step by clicking on the **Upload sources and discovery document** button. [![to_go_13.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/bedL3VjubW42vE3E-to_go_13.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/bedL3VjubW42vE3E-to_go_13.png) To extract the application metadata automatically a customer can select the main installer from the list on the left or can enter the metadata manually into the fields on the right. All required fields have \* in front of their label. The following metadata will be provided: Table 1. Application metadata
**Metadata** **Details**
Application ID The application ID is a unique identifier generated automatically for every application during its upload. Application ID provides application identification.
Reference This field is optional and can stay blank. This field provides additional comments from a customer to the Apptimized portal (i.e. internal application ID).
Vendor This field defines the vendor name (i.e. Tim Kosse). This is a required field.
Software This field defines the application name (i.e. FileZilla). This is a required field.
Version This field defines the application version (i.e. 3.46.3). This is a required field.
Language This field defines the application language (i.e. English (United States)). This is a required field.
A previous version of an application This field defines if the previous version of the application is available in the portfolio. The default value is **None, it is the first version of the application in the portfolio**. A click opens a dropdown list to select the previous version of the application from the list.
Enable Echo This option defines if Echo is needed to be enabled. The Echo is enabled by default.
The prerequisites can be added by clicking on the **Add prerequisites** button.

A prerequisite may be a specific application that must be installed before the target application.

A field "**Select media type for** …" is filled automatically can be changed if needed. A prerequisite is added by clicking on the **Save** button. Apptimized shows the following notification when successful: [![to_go_16.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/uynQC32RqzBfxMhM-to_go_16.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/uynQC32RqzBfxMhM-to_go_16.png) Current prerequisites can be changed by clicking on the **Edit** **prerequisites** button and by following the same set of operations as for adding a prerequisite. [![to_go_15.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/8hkyypxwFMXxJN1Z-to_go_15.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/8hkyypxwFMXxJN1Z-to_go_15.png) The **Metadata** step finalizes by clicking on the **Finish** button. A **Transition screen** for application immediately appears where the **Workflow scheme** and modalities for interaction with the application (namely discovery, packaging, testing) are available. [![to_go_17.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/MUPMaHIf3KkZXkcC-to_go_17.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/MUPMaHIf3KkZXkcC-to_go_17.png) **Apptimized TO GO** can be used only for **Discovery** and **Testing**. # Run the Apptimized TO GO agent Launching **Apptimized TO GO** agent is available in two options: **Download To Go file** or **Use a deployment code.** #### **Using a TO GO file** When clicking on the **Download TO GO** **file** button a file becomes available on the customer's PC in the **Downloads** folder. [![to_go_20_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/TvwyZLrHYHrj4HIK-to_go_20_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/TvwyZLrHYHrj4HIK-to_go_20_1.png) **Apptimized TO GO** **agent** launches when clicking on the **Apptimized - TO GO Manifest** file (i.e. **70116.Apptimized.togo**). [![to_go_20_3.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/lOvBbLqzFMS9uarx-to_go_20_3.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/lOvBbLqzFMS9uarx-to_go_20_3.png) A guide recording process via **Apptimized TO GO agent** starts. A customer needs to navigate to the files to be installed. As it is shown on the screenshot below the file is available in the **Source** folder. [![to_go_24.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/FZtgGWeXdZjQtVsw-to_go_24.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/FZtgGWeXdZjQtVsw-to_go_24.png) The initial preparation process may take a while. [![to_go_22_2.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/goy1TaIXgQwcs5vO-to_go_22_2.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/goy1TaIXgQwcs5vO-to_go_22_2.png) To transfer a customer experience to Apptimized all installation and configuration steps with the application must be proceeded. [![to_go_25.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/xKQZo5veuF9sEX0m-to_go_25.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/xKQZo5veuF9sEX0m-to_go_25.png) The session finishes by clicking on the **Finish session** button. [![to_go_26.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/zsbURxQ6G4xu79kL-to_go_26.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/zsbURxQ6G4xu79kL-to_go_26.png) The following notifications will appear when successful: [![to_go_28.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/KPlqJa7etv6ypCCK-to_go_28.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/KPlqJa7etv6ypCCK-to_go_28.png) [![to_go_27.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/VDRFucllQW7ZURvf-to_go_27.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/VDRFucllQW7ZURvf-to_go_27.png) ##### #### **Using a deployment code** The text will be copied to a clipboard when clicking on a deployment code. [![29-(2).png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/nzqoaPFp1DVOaRFx-29-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/nzqoaPFp1DVOaRFx-29-(2).png) To establish a connection of a customer machine with Apptimized in the cloud the **Apptimized TO GO** agent launches from the **Start** menu. Then the deployment code must be entered into a pop-up window. [![to_go_22_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/SnlaeoMuZvlM5TXp-to_go_22_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/SnlaeoMuZvlM5TXp-to_go_22_1.png) Apptimized Files with uploaded files will be automatically uploaded to the folder after clicking on the **OK** button: [![33-(3).PNG](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/7njQVGUhplkEGXB4-33-(3).PNG)](https://docs.apptimized.com/uploads/images/gallery/2020-03/7njQVGUhplkEGXB4-33-(3).PNG) A guide recording process via **Apptimized TO GO agent** starts. A customer needs to navigate to the files to be installed. As it is shown on the screenshot below the file is available in the **Source** folder. [![to_go_24.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/FZtgGWeXdZjQtVsw-to_go_24.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/FZtgGWeXdZjQtVsw-to_go_24.png) The initial preparation process may take a while. [![to_go_22_2.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/goy1TaIXgQwcs5vO-to_go_22_2.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/goy1TaIXgQwcs5vO-to_go_22_2.png) To transfer a customer experience to Apptimized all installation and configuration steps with the application must be proceeded. [![to_go_25.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/xKQZo5veuF9sEX0m-to_go_25.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/xKQZo5veuF9sEX0m-to_go_25.png) The session finishes by clicking on the **Finish session** button. [![to_go_26.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/zsbURxQ6G4xu79kL-to_go_26.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/zsbURxQ6G4xu79kL-to_go_26.png) The following notifications will appear when successful: [![to_go_28.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/KPlqJa7etv6ypCCK-to_go_28.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/KPlqJa7etv6ypCCK-to_go_28.png) [![to_go_27.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/VDRFucllQW7ZURvf-to_go_27.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/VDRFucllQW7ZURvf-to_go_27.png) # Discovery via Apptimized TO GO Agent Before implementing the **Discovery** via **Apptimized TO GO** the [application must be imported](https://docs.apptimized.com/books/apptimized-platform-admin-manual/page/apptimized-to-go-integration "Apptimized TO GO integration") to the project. Using the **Discovery** module, a customer can record a guide to install and configure the application. Customer’s actions are automatically captured as step-by-step screenshots and further described in textual format automatically. Before sending a document (which is available in PDF and HTML formats) to Apptimized, the customer can change the scenario that they recorded (i.e., to swap screenshots, to edit comments for each screenshot or to delete unnecessary screenshots). The discovery process starts by clicking on the **Discovery** module on the Transition screen. [![to_go_17_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/g6sAEB0WmTOZhNbC-to_go_17_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/g6sAEB0WmTOZhNbC-to_go_17_1.png) Apptimized shows the following interface when successful: [![to_go_18_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/edaRKPapDmlRLOIz-to_go_18_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/edaRKPapDmlRLOIz-to_go_18_1.png) A field "**Select discovery platform**" is filled automatically and can be changed if needed. [![to_go_18.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/xyRLkGAXg3B1VcqD-to_go_18.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/xyRLkGAXg3B1VcqD-to_go_18.png) The **Apptimized To Go** is enabled by ticking the checkbox and clicking on the **Run Apptimized - To Go** button. [![to_go_19.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/RXqWOPoEzaenFuEA-to_go_19.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/RXqWOPoEzaenFuEA-to_go_19.png) The files synchronizing process may take a while. In case of success, Apptimized shows the following interface: [![to_go_20.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/BtfwGEVu3aUsI44a-to_go_20.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/BtfwGEVu3aUsI44a-to_go_20.png) The instructions to launch **Apptimized TO GO agent** were provided in the paragraph "[Run the Apptimized TO GO agent](https://docs.apptimized.com/books/apptimized-platform-admin-manual/page/run-the-apptimized-to-go-agent "Launching Apptimized TO GO agent")". The following interface will appear when recording session with **Apptimized TO GO agent** finishes: [![to_go_29.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/K4eEnhJIakEoWzmN-to_go_29.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/K4eEnhJIakEoWzmN-to_go_29.png) Screenshots editing mode becomes active when clicking on the **Continue with Discovery - Screenshots** button. Screenshots can be excluded from discovery by clicking on the **Delete** button. [![41-(2).png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/nDCPNpZneFMifFaY-41-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/nDCPNpZneFMifFaY-41-(2).png) Screenshots can be excluded from discovery in a multiple mode by unticking checkboxes in front of their ID and clicking on the **Delete selected screenshots** button. [![52-(2).PNG](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/Hg3YH3vskTdt4wCj-52-(2).PNG)](https://docs.apptimized.com/uploads/images/gallery/2020-03/Hg3YH3vskTdt4wCj-52-(2).PNG) Screenshots sequence can be changed in discovery by clicking on the **Up** or **Down** buttons. [![to_go_32_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/WPOQnKA7WXddSlpf-to_go_32_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/WPOQnKA7WXddSlpf-to_go_32_1.png) [![to_go_32_2.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/tnVgsFVsTgqwAcZn-to_go_32_2.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/tnVgsFVsTgqwAcZn-to_go_32_2.png) Comments to the screenshots can be edited by clicking on the comment cell. [![to_go_33.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/98KvWYS2QjTwrZSA-to_go_33.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/98KvWYS2QjTwrZSA-to_go_33.png) The field **Additional comment (Optional)** can stay blank. Screenshots editing mode finalizes when clicking on the **Save changes** button. [![to_go_33_4.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/ARLYAxz2JfszcxD6-to_go_33_4.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/ARLYAxz2JfszcxD6-to_go_33_4.png) Apptimized shows the following interface when successful: [![to_go_34.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/9bcoSTYzcvohz25F-to_go_34.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/9bcoSTYzcvohz25F-to_go_34.png) The generated document is available in PDF and HTML formats. Download starts when clicking on the **Download generated HTML document** or **Download generated PDF document** buttons. A discovery document can be edited by clicking on the **Edit generated document** button. The document editing finalizes by clicking on the **Save** button. [![to_go_35_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/GH21gbxc2sAOaXHG-to_go_35_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/GH21gbxc2sAOaXHG-to_go_35_1.png) The process reverts to the screenshots editing mode by clicking on the **Revert to Discovery - Screenshots** button and finalizes by clicking on the **Finish** button. # Testing via Apptimized TO GO Agent Before implementing the **Testing** via **Apptimized TO GO** the [application must be imported](https://docs.apptimized.com/books/apptimized-platform-admin-manual/page/apptimized-to-go-integration "Apptimized TO GO integration") to the project. Using the **Testing** module, a customer can record a guide to install and configure the application. Also, a testing option can be enabled and the status of the testing can be set. The testing process starts by clicking on the **Skip for Testing** button (before or after discovery step) and clicking in the **Testing** module on the Transition screen. [![to_go_39.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/7iPHpzd36RAxHsrU-to_go_39.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/7iPHpzd36RAxHsrU-to_go_39.png) Apptimized shows the following interface when successful: [![to_go_40.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/CJaIQN0ozo89EhDS-to_go_40.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/CJaIQN0ozo89EhDS-to_go_40.png) A field "**Select discovery platform**" is filled automatically and can be changed if needed. The **Apptimized To Go** is enabled by ticking the checkbox and clicking on the **Run Apptimized - To Go** button. The files synchronizing process may take a while. In case of success, Apptimized shows the following interface: [![to_go_41.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/chXvZICyTi5VZS9H-to_go_41.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/chXvZICyTi5VZS9H-to_go_41.png) The instructions to launch **Apptimized TO GO agent** were provided in the paragraph "[Run the Apptimized TO GO agent](https://docs.apptimized.com/books/apptimized-platform-admin-manual/page/run-the-apptimized-to-go-agent "Launching Apptimized TO GO agent")". The following interface will appear when recording session with **Apptimized TO GO agent** finishes: [![to_go_37.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/zMjmcXC4NQ91kEL9-to_go_37.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/zMjmcXC4NQ91kEL9-to_go_37.png) Screenshots editing mode becomes active when clicking on the **Continue with Testing - Results** button. Apptimized shows the following interface when successful: [![to_go_42.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/8ivNtExL3gnLL7sF-to_go_42.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/8ivNtExL3gnLL7sF-to_go_42.png) The following options to log test session results are available: - Untested; - Success; - Failed. The default value is **Untested**. [![to_go_42_2.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/wQ3JQVfDuaqN7IFI-to_go_42_2.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/wQ3JQVfDuaqN7IFI-to_go_42_2.png) The field **Optional comment** can stay blank. Screenshots can be excluded from discovery by clicking on the **Delete** button. [![41-(2).png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/nDCPNpZneFMifFaY-41-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/nDCPNpZneFMifFaY-41-(2).png) Screenshots can be excluded from discovery in a multiple mode by unticking checkboxes in front of their ID and clicking on the **Delete selected screenshots** button. [![52-(2).PNG](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/Hg3YH3vskTdt4wCj-52-(2).PNG)](https://docs.apptimized.com/uploads/images/gallery/2020-03/Hg3YH3vskTdt4wCj-52-(2).PNG) Screenshots sequence can be changed in discovery by clicking on the **Up** or **Down** buttons. [![to_go_32_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/WPOQnKA7WXddSlpf-to_go_32_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/WPOQnKA7WXddSlpf-to_go_32_1.png) [![to_go_32_2.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/tnVgsFVsTgqwAcZn-to_go_32_2.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/tnVgsFVsTgqwAcZn-to_go_32_2.png) Comments to the screenshots can be edited by clicking on the comment cell. [![to_go_33.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/98KvWYS2QjTwrZSA-to_go_33.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/98KvWYS2QjTwrZSA-to_go_33.png) The field **Additional comment (Optional)** can stay blank. [![to_go_43.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/3mWW4zscqa243gO5-to_go_43.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/3mWW4zscqa243gO5-to_go_43.png) Screenshots editing mode finalizes when clicking on the **Save changes** button. Apptimized shows the following interface when successful: [![to_go_43_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/9sFKRERFa8R9Napl-to_go_43_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/9sFKRERFa8R9Napl-to_go_43_1.png) The generated document is available in PDF and HTML formats. Download starts when clicking on the **Download generated HTML document** or **Download generated PDF document** buttons. A testing document can be edited by clicking on the **Edit generated document** button. The document editing finalizes by clicking on the **Save** button. [![to_go_35.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/81QuWDcq6wC67C3y-to_go_35.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/81QuWDcq6wC67C3y-to_go_35.png) The process reverts to the screenshots editing mode by clicking on the **Revert to Testing - Results** button and finalizes by clicking on the **Finish** button. [![to_go_44.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/6JYhV1F7S3sn5z31-to_go_44.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/6JYhV1F7S3sn5z31-to_go_44.png) # Download the documentation The download process starts by clicking on the **Download** module on the Transition screen: [![to_go_45.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/LFUfIak69CnkdafU-to_go_45.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/LFUfIak69CnkdafU-to_go_45.png) Apptimized shows the following interface when successful: [![to_go_46.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/5TYBArtfcPsb8uCi-to_go_46.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/5TYBArtfcPsb8uCi-to_go_46.png) The process reverts to the initial screen by clicking on the **Revert to Transition screen** button. The process finalizes by rating the Apptimized experience and clicking on the **Complete** button. Apptimized shows the following notification when successful: [![to_go_47.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/3wkmYICXYij5INag-to_go_47.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/3wkmYICXYij5INag-to_go_47.png) # Apptimized TO GO Agent Administration Guide # Apptimized TO GO Agent infrastructure ### Infrastructure components Apptimized TO GO allows a customer to turn a local machine, PC's or VM's into Apptimized VM so that they can be used for discovery and testing. Apptimized TO GO can be used for discovery and testing on local test PCs or VMs in the customer's own environment. Apptimized TO GO infrastructure depends on the type of solution a customer chooses (see Cases 1). ##### Case 1. A customer implements Apptimized TO GO agent only to automate discovery and testing within on-premises PCs and VMs. The figure below shows the scheme of the Apptimized TO GO agent infrastructure. [![infr_01.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/zikQC4xsIPTXHR2M-infr_01.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/zikQC4xsIPTXHR2M-infr_01.png) The infrastructure components details are described in Table 1. Table 1. Infrastructure components
**Component** **Details**
1\. Apptimized Portal The platform where Apptimized customer manages projects portfolios. Requires an active project with enabled and configured Apptimized TO GO settings. Technical requirement for working in Apptimized: 1\. Browsers: - Google Chrome (version 75.0 or above); - Mozilla Firefox (version 60.0 or above); - Apple Safari (version 12.0 or above); - Internet Explorer with (version 11.0); - Microsoft Edge with version 83 and above. 2. Enabled Java-script in browser; 3\. Speed of internet connections – min 50 Mb/s. 4\. Enabled firewall white list: https://app.apptimized.com/; https://rdp-gw.apptimized.com/; https://cdn.apptimized.com; https://screenshots.api.apptimized.technology; https://auth.apptimized.com; \*.swarm.apptimized.com; \*.chatlio.com
2\. Customer Environment Information technology environment, including software, hardware, and systems (e.g., endpoint PCs, VMs, servers, networks).

The access of endpoint PC or VM to the 80 and 443 port of the app.apptimized.com host is a prerequisite. Microsoft Windows Desktop (Windows 7 and above) or Server OS (Windows Server 2012 R2 and above) with installed .NET Framework 4.6.1.

2.1. Proxy server This component is optional. A proxy server is a third party between the customer and the service (the Apptimized Portal). A proxy server manages the requests sent by the customer and completes them depending on the system's preferences.
2.2. Apptimized TO GO agent Apptimized TO GO agent is a software that sends information from the VM to Apptimized (i.e., screenshots, user actions, etc.), and does not control VM in any case. Apptimized TO GO agent allows a customer to turn a local machine, PC's or VM's into Apptimized VM so that they can be used for discovery and testing. The Apptimized TO GO agent must be installed and launched on a local PC by the local administrator.
### Communication process and methods The Apptimized Portal communicates to the Customer environment via API. To integrate the Apptimized Portal, the Apptimized TO GO agent must be installed to the endpoint PC. To identify the customer, a deployment code (i.e. **3D6-111DC-1**) or TO GO file (i.e. **11321.Apptimized.togo**) from Apptimized is used. Any other identifications from the customer will not be requested. When data is received from the Apptimized Portal, the Apptimized TO GO agent mounts a network share with source files and prerequisites using Command Prompt commands. UI automation is used for capturing user interactions while discovery and testing. Screenshots are sent every 500 milliseconds. UI automation is used to playback the recorded actions in Echo. The TO GO agent is configured to communicate with the Apptimized Portal using HTTPS protocol. The text box below provides the certificate details:

Issued by – K Software certificate Authority (DV) 2 [https://sectigo.com/legal](https://sectigo.com/legal) Version – V3 Signature algorithm – sha256RSA Signature hash algorithm – sha256 Public key – RSA (2048 Bits) TLS – 1.2

The information flow content depends on the type of customer activity (see Cases 2-3). ##### Case 2. A customer discovers/ tests **TimKosse\_FileZilla\_3.46.3\_English(United States)** via **Apptimized TO GO agent**. To run the **Apptimized TO GO agent** a deployment code is used. **Outbound information** - a data sent from the Apptimized Portal: - network share connection parameters

Share UNC path - **\\\\\\\\apptimizedshare.file.core.windows.net\\\\78d2a2cccf7dfd9e4154fa04f98e1e7f;** Share Login - **AZURE\\\\apptimized;** Share Password - **+Tnqfi81aTbPI7nuE9E8j5nXxGGs52jBNcysKA4a6MhK9GFNb0Ti8dlu1ZtpCjNOFy5P8MvPVGGVZkEo6DggjQ==**

- an application metadata;

Application vendor - **Tim Kosse**; Application name - **FileZilla**; Application version - **3.46.3**; Application language - **English(United States)**

- an action mode metadata;

Echo enabled - **True;** Mode - **Discovery**; Self service mode - **No**.

**Inbound information** - a data sent to the Apptimized Portal: - a request to receive the manifest; - records of the customer's actions. ``` "Type": 10,     "HasKeyboardFocus": true,     "Text": "hello",     "InitialText": null,     "Id": "7167ac61f40342d89cf061f61cab6d49",     "ProducerId": null,     "Window": {       "Title": "*new 2 - Notepad++",       "Screenshot": in base64 string format ``` ##### Case 3. A customer discovers/ tests **TimKosse\_FileZilla\_3.46.3\_English(United States)** via **Apptimized TO GO agent**. To run the **Apptimized TO GO agent** a TO GO file is used. **Outbound information** - a data sent from the Apptimized Portal: - TO GO file - **Apptimized.togo.** **Inbound information** - a data sent to the Apptimized Portal: - records of the customer's actions. ``` "Type": 10,     "HasKeyboardFocus": true,     "Text": "hello",     "InitialText": null,     "Id": "7167ac61f40342d89cf061f61cab6d49",     "ProducerId": null,     "Window": {       "Title": "*new 2 - Notepad++",       "Screenshot": in base64 string format ``` # Security To ensure security Apptimized complies with the following cybersecurity standards: - ISO 15408; - ISO/IEC 27001; - ISO/IEC 27002; - ANSI/ISA 62443 (Formerly ISA-99); - IEC 62443; A military-grade security protocol ([TLS/SSL](https://docs.microsoft.com/en-us/windows-server/security/tls/tls-ssl-schannel-ssp-overview)) is used by Apptimized to provide privacy and data integrity between two or more communicating applications. Apptimized safety audit entails a network scan of its resources to identify vulnerabilities and non-penetration. The screenshot below shows the vulnerability report provided by **Detectify** for **app.apptimized.com**. [![sccm_adm_03_4.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/MmESvmM2142UiAbc-sccm_adm_03_4.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/MmESvmM2142UiAbc-sccm_adm_03_4.png) The screenshots below show the SSL report of **app.apptimized.com**. [![sccm_adm_05_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/FDOxbDM9eImMUoJX-sccm_adm_05_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/FDOxbDM9eImMUoJX-sccm_adm_05_1.png) [![sccm_adm_05_5.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/ochmWF8LIzubGeyF-sccm_adm_05_5.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/ochmWF8LIzubGeyF-sccm_adm_05_5.png) # Technical workflows ### Using a TO GO file workflow The figure below shows a workflow when a TO GO file is used to run the Apptimized TO GO agent. The instructions to run the Apptimized TO GO agent are considered in the **Apptimized TO GO user manual**. [![workflow_file.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/pvHtW3obG9lcmstn-workflow_file.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/pvHtW3obG9lcmstn-workflow_file.png) ### Using a deployment code workflow The figure below shows a workflow when a deployment file is used to run the Apptimized TO GO agent. The instructions to run the Apptimized TO GO agent are considered in the **Apptimized TO GO user manual**. [![workflow_code.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/QrPVxOfn730IGw9J-workflow_code.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/QrPVxOfn730IGw9J-workflow_code.png) ### Using a TO GO hypervisor connector workflow [![to-go-hypervisor_workflow.png](https://docs.apptimized.com/uploads/images/gallery/2020-06/scaled-1680-/cQ1sluzl2QiBc5ga-to-go-hypervisor_workflow.png)](https://docs.apptimized.com/uploads/images/gallery/2020-06/cQ1sluzl2QiBc5ga-to-go-hypervisor_workflow.png) # Azure Tenant VDI Provider Integration This manual page refers to the Azure-side configuration of the virtualization provider. The Apptimized-side configuration is available under [**Azure Switch**](https://docs.apptimized.com/books/apptimized-platform-user-manual/page/project-settings#bkmrk-providers). ##### Application Registration The option to register the application under the Azure Portal is available under **Azure Active Directory > App registrations > New registration** (see [Application registrations](https://docs.apptimized.com/books/apptimized-platform-admin-manual/page/integration-f61#bkmrk-application-registra)). **Application (Client) Id, Directory (Tenant) Id, Client Secret** are required under the [**Azure Switch** ](https://docs.apptimized.com/books/apptimized-platform-user-manual/page/project-settings#bkmrk-providers)configuration. ##### Resource group creation The option to create a resource group is available under **portal.azure.com > Resource Groups > Create**. **[![vdi_1-(2).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/JAaUFb6Q9esZjMDu-vdi_1-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/JAaUFb6Q9esZjMDu-vdi_1-(2).png)** **Microsoft Azure** portal shows the following screen when successful: [![vdi_2-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/6u73uRYCEY0mCSsU-vdi_2-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/6u73uRYCEY0mCSsU-vdi_2-(1).png) The option to set up resource group name is available under the **Resource group** field. [![vdi_3-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/TzcBfOT17W8A9QZ8-vdi_3-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/TzcBfOT17W8A9QZ8-vdi_3-(1).png) The option to select the region for the resource group is available under the **Region** field. [![vdi_4-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/optdRrhHT4bQ939x-vdi_4-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/optdRrhHT4bQ939x-vdi_4-(1).png)

**Note.** **Resource Group** name & Region must be used in configuring [**Azure Switch**](https://docs.apptimized.com/books/apptimized-platform-admin-manual/page/integration-f61#bkmrk-application-registra)

The option to review the resource group is available under the **Review + create** button. [![vdi_5-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/CeNuo8e8z6Cf8BVu-vdi_5-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/CeNuo8e8z6Cf8BVu-vdi_5-(1).png) Microsoft Azure portal shows the following screen when successful: [![vdi_6-(2).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/ucoa1TOXQyOAq4Sa-vdi_6-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/ucoa1TOXQyOAq4Sa-vdi_6-(2).png)

**Note**. If the validation was successful, the following notification appears: [![vdi_8-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/bASGUDqeYZxLnUfN-vdi_8-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/bASGUDqeYZxLnUfN-vdi_8-(1).png)

The option to create a resource group is available under the **Create** button. [![vdi_7-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/mqa3pTcelAAWKEjA-vdi_7-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/mqa3pTcelAAWKEjA-vdi_7-(1).png) Microsoft Azure portal shows the following notification when successful. Created resource group appears in the list of resource groups. [![vdi_9-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/C1YKw7aFtUzinsSj-vdi_9-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/C1YKw7aFtUzinsSj-vdi_9-(1).png) ##### Resource group permission issuance The option to give permissions to the resource group is available under **Resource group > Choose group > Access control (IAM)**. [![vdi_10-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/THHVZUueHCp8ysn5-vdi_10-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/THHVZUueHCp8ysn5-vdi_10-(1).png) The option to add Role assignment is available under **Add > Add role assignment**. [![vdi_11-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/bcNj2lomAi2T6GY3-vdi_11-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/bcNj2lomAi2T6GY3-vdi_11-(1).png) Microsoft Azure portal shows the following window when successful: [![vdi_12-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/HXGQp52P5tCAzAFA-vdi_12-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/HXGQp52P5tCAzAFA-vdi_12-(1).png) The option to assign roles is available under the **Role drop-down list**. The necessary roles for the Azure VDI configuration are: **Virtual Machine Contributor, Network Contributor, Disk Snapshot Contributor.** [![vdi_13-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/vGH48p3lUrEpXQBt-vdi_13-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/vGH48p3lUrEpXQBt-vdi_13-(1).png)

**Note**. Only one role can be assigned per one action.

The option to add role assignment to the application is available under the **Select** field. Selected members will appear below the section. [![vdi_14-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/mGcEYeMelfdhT7BS-vdi_14-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/mGcEYeMelfdhT7BS-vdi_14-(1).png) The option to submit changes is available under the **Save** button. [![vdi_15-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/2WA5azLNZ7e4KD81-vdi_15-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/2WA5azLNZ7e4KD81-vdi_15-(1).png) ##### Virtual Network Creation The option to create virtual networks is available under **portal.azure.com > Virtual networks > Create**. [![vdi_16-(2).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/njFQ7SbX7mU8LGel-vdi_16-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/njFQ7SbX7mU8LGel-vdi_16-(2).png)

**Note.** The network creation will heavily depend on Azure networking configuration.

Microsoft Azure portal shows the following screen when successful: [![image-22.png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/iVEAGJI78izGiGwm-image-22.png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/iVEAGJI78izGiGwm-image-22.png) The ability to create a virtual network becomes available after setting up **Resource group, Name, Region, Address space field & Subnet**. The option to set up **Resource group, Name,** and **Region** is available under the **Basics** tab. [![vdi_17-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/De5EzYnkHeYZx81U-vdi_17-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/De5EzYnkHeYZx81U-vdi_17-(1).png) The option to set up a Resource group is available under the Resource group drop-down list. [![vdi_18-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/74gIOhIEgm90pyKI-vdi_18-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/74gIOhIEgm90pyKI-vdi_18-(1).png)

**Note.** The resource group must be the one that was created in a previous chapter.

The option to set up a **Name** is available under the **Name** field. [![vdi_19-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/igvmLqjS6LsjfkpS-vdi_19-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/igvmLqjS6LsjfkpS-vdi_19-(1).png) The option to set up a **Region** is available under the **Region** field. [![vdi_20-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/UKy1LLNnDUwf9YIM-vdi_20-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/UKy1LLNnDUwf9YIM-vdi_20-(1).png)

**Note.** The region must be equal to the resource group region.

The option to set up IP Addresses is available under the **IP Addresses** tab. [![vdi_21-(2).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/ioYp4bZUfN6ddUsF-vdi_21-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/ioYp4bZUfN6ddUsF-vdi_21-(2).png) The option to add an IPv4 address is available under the IPv4 address space. [![vdi_22-(2).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/NcrfaJFAlxp0KrGu-vdi_22-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/NcrfaJFAlxp0KrGu-vdi_22-(2).png) The option to add a subnet address is available under **Add subnet** button. [![vdi_23-(2).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/H6fFRtvsqnKnvl73-vdi_23-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/H6fFRtvsqnKnvl73-vdi_23-(2).png) Microsoft Azure portal shows the following screen when successful: [![vdi_24-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/OyD5WgnCDwShvqaQ-vdi_24-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/OyD5WgnCDwShvqaQ-vdi_24-(1).png) The option to add a Subnet name is available under the **Subnet name** field. [![vdi_25-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/oAJ7E6rsG3feUCwr-vdi_25-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/oAJ7E6rsG3feUCwr-vdi_25-(1).png) The option to add the Subnet address range is available under the **Subnet address range** field. [![vdi_26-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/yOivw3FWxygRChQL-vdi_26-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/yOivw3FWxygRChQL-vdi_26-(1).png) The option to finish Add subnet process is available under **Add** button. [![vdi_27-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/Zmh8UwZFebIOymGl-vdi_27-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/Zmh8UwZFebIOymGl-vdi_27-(1).png) The option to continue the creation process is available under the **Review + create** button. [![vdi_28-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/ZD8vlPEp7Ywvt31P-vdi_28-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/ZD8vlPEp7Ywvt31P-vdi_28-(1).png) Microsoft Azure portal shows the following screen when successful: [![vdi_29.png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/GZnyWWOhnnaH725n-vdi_29.png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/GZnyWWOhnnaH725n-vdi_29.png) The option to create a virtual network is available under the **Create** button. [![vdi_30-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/Fb3HBS66iBGadNlV-vdi_30-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/Fb3HBS66iBGadNlV-vdi_30-(1).png) Microsoft Azure portal shows the following notification when successful: [![vdi_31-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/mBZLUT7QkKwiACcx-vdi_31-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/mBZLUT7QkKwiACcx-vdi_31-(1).png) Microsoft Azure portal shows the following screen after the creation process is finished: [![vdi_32-(2).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/GFaKh15aIBh9yDy1-vdi_32-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/GFaKh15aIBh9yDy1-vdi_32-(2).png)

**Note.** Virtual Network name & Subnet name are required under the [Azure Switch](https://docs.apptimized.com/books/apptimized-platform-user-manual/page/project-settings#bkmrk-azure-switch-0) configuration in Apptimized Portal

##### Network Security Group Creation The option to create Network Security Groups is available under **portal.azure.com > Network security groups > Create**. [![vdi_32_2.png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/8kfTn61jJDIfYCuD-vdi_32-(3).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/8kfTn61jJDIfYCuD-vdi_32-(3).png) Microsoft Azure portal shows the following screen when successful: [![vdi_33-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/aWQVhrUiHIBTkoGV-vdi_33-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/aWQVhrUiHIBTkoGV-vdi_33-(1).png) The option to select a resource group is available under the **Resource group** drop-down list. [![vdi_34-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/ZrvdDw0ua1obm9Fr-vdi_34-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/ZrvdDw0ua1obm9Fr-vdi_34-(1).png) The option to set up a name is available under the **Name** field. [![vdi_35-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/qMpEY8jgRYiE8Gyi-vdi_35-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/qMpEY8jgRYiE8Gyi-vdi_35-(1).png) The option to set up a **region** is available under the **Region** field. [![vdi_36-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/zhSJHI01V20WKf8s-vdi_36-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/zhSJHI01V20WKf8s-vdi_36-(1).png) The option to review the Network Security Group is available under the **Review + Create** button. [![vdi_37-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/rvUvm2O3znw9HI1x-vdi_37-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/rvUvm2O3znw9HI1x-vdi_37-(1).png) Microsoft Azure portal shows the following screen when successful: [![vdi_38-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/WDI56r89A8MI4fqO-vdi_38-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/WDI56r89A8MI4fqO-vdi_38-(1).png) The option to finish the creation process is available under the **Create** button. [![vdi_39-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/l4sXE6o2x8IU15cg-vdi_39-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/l4sXE6o2x8IU15cg-vdi_39-(1).png) Microsoft Azure portal shows the following screen when successful: [![vdi_40-(2).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/61dx5Wi9pItEtJ3P-vdi_40-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/61dx5Wi9pItEtJ3P-vdi_40-(2).png) ##### Associate subnet with Network Security Group The option to associate subnet from Virtual network with Network security group is available under **portal.azure.com > Network security group >** **select group > Subnets > Associate**. **[![vdi_40_2.png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/42Pp8MMeOTNeYzIe-vdi_40-(3).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/42Pp8MMeOTNeYzIe-vdi_40-(3).png)** Microsoft Azure portal shows the following screen when successful: [![vdi_41-(2).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/wR85ENyTbmDvgU5q-vdi_41-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/wR85ENyTbmDvgU5q-vdi_41-(2).png) The option to choose a Virtual network is available under the **Virtual network** drop-down list. [![vdi_42-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/Ye4i0c5asGqkvN3k-vdi_42-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/Ye4i0c5asGqkvN3k-vdi_42-(1).png) Microsoft Azure portal shows the following screen when the network was selected: [![vdi_43-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/ohbg6Nc0ofi4wj3o-vdi_43-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/ohbg6Nc0ofi4wj3o-vdi_43-(1).png) The option to choose Subnet is available under the **Subnet** drop-down list: [![vdi_44-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/9x9yZMUUH3EwIyud-vdi_44-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/9x9yZMUUH3EwIyud-vdi_44-(1).png) The option to Associate subnet is available under the OK button: [![vdi_45-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/nEGWepXVdCyBkZQX-vdi_45-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/nEGWepXVdCyBkZQX-vdi_45-(1).png) Microsoft Azure portal shows the following screen when successful: [![vdi_46-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/k8nmTQz91ZfsPjGd-vdi_46-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/k8nmTQz91ZfsPjGd-vdi_46-(1).png) ##### Inbound security rule creation The option to restrict access to VM is available under **portal.azure.com > Network Security Group > Inbound security rules > Add**. [![vdi_47-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/CfX9kFPfWa3JTrp3-vdi_47-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/CfX9kFPfWa3JTrp3-vdi_47-(1).png) Microsoft Azure portal shows the following screen when successful: [![vdi_48-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/mCKB9Wn7aNgqWFUG-vdi_48-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/mCKB9Wn7aNgqWFUG-vdi_48-(1).png) The option to select the Source filter option is available under the **Source** drop-down list. The required option is **IP addresses.** The screenshot below shows the procedure for inbound security role adding (**Source** drop-down list > **Select IP Addresses** > Enter 78.47.106.224 address under the **Source IP Address / CIDR range** field > Select **RDP** under the **Service** field > **Add** button): [![vdi_49-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/Kr8XSHLLlcl7QTsp-vdi_49-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/Kr8XSHLLlcl7QTsp-vdi_49-(1).png) Microsoft Azure portal shows the following screen when successful: [![vdi_50-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/Wn98xMKJ6JefaO85-vdi_50-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/Wn98xMKJ6JefaO85-vdi_50-(1).png) ##### .vhd File Creation The option to start .vhd file setup process creation is available under the **Hyper-V manager (**see [**Creating a VHD**](https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/manage/create-vhdset-file)) The option to convert .vhdx disk format to .vhd is available under **Hyper-V Manager > Select computer > Action > Edit disk > Next > Select disk > Next > Convert > Next > VHD > Next >** **Finish**. [![vdi_51_1-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/YTr7IS32MiVLwL25-vdi_51_1-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/YTr7IS32MiVLwL25-vdi_51_1-(1).png) [![vdi_52-(3).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/k9hr9DSHxbO4908f-vdi_52-(3).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/k9hr9DSHxbO4908f-vdi_52-(3).png) ##### VM healthiness checkout The option to check the healthiness and consistency of VM is available under the elevated PowerShell windows and command: Chkdsk /f ##### VHD Configuration VHD configuration consists of setting up the Boot Configuration Data (BCD) settings, the disk SAN policy, the Coordinated Universal Time (UTC), configuring power profile, environmental variables, resetting the Windows services to startup settings, configuring RDP options, Windows Firewall rules, and disabling the Windows Defender under the PowerShell command prompt. The option to start configuration is available by enabling PowerShell script execution. This is available by entering the PowerShell command: **Set-ExecutionPolicy –ExecutionPolicy Unrestricted -Force** [![image-90.png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/Kk49DMDoYv9l7OeG-image-90.png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/Kk49DMDoYv9l7OeG-image-90.png) The option to set the Boot Configuration Data (BCD) settings is available by entering the PowerShell commands: bcdedit /set "{bootmgr}" integrityservices enable bcdedit /set "{default}" device partition=C: bcdedit /set "{default}" integrityservices enable bcdedit /set "{default}" recoveryenabled Off bcdedit /set "{default}" osdevice partition=C: bcdedit /set "{default}" bootstatuspolicy IgnoreAllFailures #Enable Serial Console Feature bcdedit /set "{bootmgr}" displaybootmenu yes bcdedit /set "{bootmgr}" timeout 5 bcdedit /set "{bootmgr}" bootems yes bcdedit /ems "{current}" ON bcdedit /emssettings EMSPORT:1 EMSBAUDRATE:115200

**Note.** No application should use port 3389. The option to see which ports are used on the VM is available under the command **netstat – anob.**

The option to set the disk SAN policy to **Onlineall** is available under the following commands via CMD: diskpart san policy=onlineall exit The option to set Coordinated Universal Time for Windows is available under the following commands via PowerShell: Set-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\TimeZoneInformation' -Name "RealTimeIsUniversal" -Value 1 -Type DWord -Force Set-Service -Name w32time -StartupType Automatic The option to set the power profile to high performance is available under the command via PowerShell powercfg /setactive SCHEME\_MIN The option to set the environmental variables TEMP and TMP to their default values is available under the following commands via PowerShell: Set-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Session Manager\\Environment' -Name "TEMP" -Value "%SystemRoot%\\TEMP" -Type ExpandString -Force Set-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Session Manager\\Environment' -Name "TMP" -Value "%SystemRoot%\\TEMP" -Type ExpandString -Force The option to reset the Windows services startup settings is available under the following commands via PowerShell: Get-Service -Name bfe | Where-Object { $\_.StartType -ne 'Automatic' } | Set-Service -StartupType 'Automatic' Get-Service -Name dhcp | Where-Object { $\_.StartType -ne 'Automatic' } | Set-Service -StartupType 'Automatic' Get-Service -Name dnscache | Where-Object { $\_.StartType -ne 'Automatic' } | Set-Service -StartupType 'Automatic' Get-Service -Name IKEEXT | Where-Object { $\_.StartType -ne 'Automatic' } | Set-Service -StartupType 'Automatic' Get-Service -Name iphlpsvc | Where-Object { $\_.StartType -ne 'Automatic' } | Set-Service -StartupType 'Automatic' Get-Service -Name netlogon | Where-Object { $\_.StartType -ne 'Manual' } | Set-Service -StartupType 'Manual' Get-Service -Name netman | Where-Object { $\_.StartType -ne 'Manual' } | Set-Service -StartupType 'Manual' Get-Service -Name nsi | Where-Object { $\_.StartType -ne 'Automatic' } | Set-Service -StartupType 'Automatic' Get-Service -Name TermService | Where-Object { $\_.StartType -ne 'Manual' } | Set-Service -StartupType 'Manual' Get-Service -Name MpsSvc | Where-Object { $\_.StartType -ne 'Automatic' } | Set-Service -StartupType 'Automatic' Get-Service -Name RemoteRegistry | Where-Object { $\_.StartType -ne 'Automatic' } | Set-Service -StartupType 'Automatic' The option to turn on RDP and update remote-desktop registry settings is available under the following actions: - Accessing remote access at the system settings is available under **Control panel > Allow remote access to your computer > Allow remote connections to this computer - Apply [![vdi_53-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/VkZafa6jtg36BkSu-vdi_53-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/VkZafa6jtg36BkSu-vdi_53-(1).png)** - Enabling **Remote Desktop Protocol** under the PowerShell commands: Set-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server' -Name "fDenyTSConnections" -Value 0 -Type DWord –Force Set-ItemProperty -Path 'HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Terminal Services' -Name "fDenyTSConnections" -Value 0 -Type DWord –Force - Setting up RDP port (3389) under the PowerShell command: Set-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\\Winstations\\RDP-Tcp' -Name "PortNumber" -Value 3389 -Type DWord –Force - Enabling network interface listener under the PowerShell command: Set-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\\Winstations\\RDP-Tcp' -Name "LanAdapter" -Value 0 -Type DWord -Force - Configuring the network-level-authentication (NLA) mode for the RDP connections under the PowerShell commands: Set-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\\WinStations\\RDP-Tcp' -Name "UserAuthentication" -Value 1 -Type DWord –Force Set-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\\WinStations\\RDP-Tcp' -Name "SecurityLayer" -Value 1 -Type DWord –Force Set-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\\WinStations\\RDP-Tcp' -Name "fAllowSecProtocolNegotiation" -Value 1 -Type DWord -Force - Setting up the keep-alive value under the PowerShell commands: Set-ItemProperty -Path 'HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Terminal Services' -Name "KeepAliveEnable" -Value 1 -Type DWord –Force Set-ItemProperty -Path 'HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Terminal Services' -Name "KeepAliveInterval" -Value 1 -Type DWord –Force Set-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\\Winstations\\RDP-Tcp' -Name "KeepAliveTimeout" -Value 1 -Type DWord -Force - Reconnecting under the PowerShell commands: Set-ItemProperty -Path 'HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Terminal Services' -Name "fDisableAutoReconnect" -Value 0 -Type DWord –Force Set-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\\Winstations\\RDP-Tcp' -Name "fInheritReconnectSame" -Value 1 -Type DWord –Force Set-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\\Winstations\\RDP-Tcp' -Name "fReconnectSame" -Value 0 -Type DWord -Force - Limiting the number of concurrent connections under the PowerShell command: Set-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\\Winstations\\RDP-Tcp' -Name "MaxInstanceCount" -Value 4294967295 -Type DWord -Force - Removing self-signed certificates tied to the DRP listener under the PowerShell command: if ((Get-Item -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\\WinStations\\RDP-Tcp').Property -contains "SSLCertificateSHA1Hash") { Remove-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\\WinStations\\RDP-Tcp' -Name "SSLCertificateSHA1Hash" -Force } The option to configure or disable Windows firewall rules is available under the following actions: - Turning on Windows firewall on the three profiles (domain, standard, public) under the PowerShell command: Set-NetFirewallProfile -Profile Domain, Public, Private -Enabled True - Allowing WinRM through the firewall profiles and enabling the PowerShell remote service under the PowerShell commands: Enable-PSRemoting –Force Set-NetFirewallRule -DisplayName "Windows Remote Management (HTTP-In)" -Enabled True - Enabling the firewall rules allowing the RDP traffic under the PowerShell command: Set-NetFirewallRule -DisplayGroup "Remote Desktop" -Enabled True - Enabling the file and printer sharing rule allowing the VM to respond to a ping command inside the virtual network under the PowerShell command: Set-NetFirewallRule -DisplayName "File and Printer Sharing (Echo Request - ICMPv4-In)" -Enabled True The option to install VM extensions is available under the **Azure Virtual Machine Agent** (see [**Azure Virtual Machine Agent**](https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/agent-windows)). The option to disable Windows Defender is available under the following PowerShell script: ***\# Disable Firewall*** **Start-Process "$($env:windir)\\System32\\netsh.exe" -ArgumentList "advfirewall set allprofiles state off";** ***\#Disable Windows Defender*** **New-ItemProperty "hklm:\\SOFTWARE\\Policies\\Microsoft\\Windows Defender" -Name "DisableAntiSpyware" -Value 1 -Force;** **Remove-ItemProperty "hklm:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" -Name "SecurityHealth" -Force;** **Remove-ItemProperty "hklm:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" -Name "WindowsDefender" -Force;** ***\# Disabling password complexity*** **secedit /export /cfg c:\\secpol.cfg** **(GC C:\\secpol.cfg).Replace("PasswordComplexity = 1", "PasswordComplexity = 0") | Out-File C:\\secpol.cfg** **secedit /configure /db c:\\windows\\security\\local.sdb /cfg c:\\secpol.cfg /areas SECURITYPOLICY** **rm -force c:\\secpol.cfg -confirm:$false** ***\# Configure Computer power to better perfomance and disable turn off display*** **Start-Process "powercfg" -ArgumentList "/SETACTIVE 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c" -Wait;** **Start-Process "powercfg" -ArgumentList "/CHANGE monitor-timeout-ac 0" -Wait;** ***\# Show file extensions in File Explorer*** **New-ItemProperty "hkcu:\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced" -Name "HideFileExt" -Value 0 -Force;** ***\# Set password to the Administrator acc and autologon*** **$computer=$env:COMPUTERNAME;** **$userid="{user\_name}"; #*Enter your username*** **$password="{password}"; #*Enter your password*** **$user=\[adsi\]("WinNT://$($computer)/$($userid), user");** **$user.psbase.invoke("SetPassword", $password);** **New-ItemProperty "hklm:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon" -Name "AutoAdminLogon" -Value "1" -Force;** **New-ItemProperty "hklm:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon" -Name "DefaultUserName" -Value $userid -Force;** **New-ItemProperty "hklm:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon" -Name "DefaultPassword" -Value $password -Force;** The option to disable the “allow PC to be discoverable on this network” dialog is available by adding the following registry key under the Registry Editor: ***HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Control\\Network\\NewNetworkWindowOff*** The option to disable UAC (User Account Control) is available under **User Account Control** settings: [![vdi_54-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/Ih9bTZxMvKJf9O92-vdi_54-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/Ih9bTZxMvKJf9O92-vdi_54-(1).png) The option to turn on .NET Framework 3.5 is available under the .NET Framework installer (see [**Installation Guide**](https://docs.microsoft.com/en-us/dotnet/framework/install/dotnet-35-windows-10)). The option to install the APE driver and other software is available by the [**following link**](https://apptimizedportalshare.blob.core.windows.net/vm-utils/config_vm.zip)**.**

**Note.** It is recommended to turn off Windows updates on VM.

##### Virtual Image (VHD) Uploading The option to upload .vhd to blob storage is available under the Storage account container. The option to create Storage account is available under portal.azure.com > **Storage Accounts > Create > Select resource group > Set up account name > Set up resource group region > Review + create > Create**. [![vdi_55-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/GlGiHrXsH7xYK2TT-vdi_55-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/GlGiHrXsH7xYK2TT-vdi_55-(1).png) [![vdi_56-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/CFQkBB7zWjLaPHX6-vdi_56-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/CFQkBB7zWjLaPHX6-vdi_56-(1).png) Microsoft Azure Portal shows the following screen when successful: [![vdi_57-(2).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/Lnf0SXU8wyilKpuB-vdi_57-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/Lnf0SXU8wyilKpuB-vdi_57-(2).png) The option to create container inside the Storage account is available under **portal.azure.com** > **Storage Account** > **Select storage account** > **Containers** > **Create** > **Set the name of container** > **Create**. [![vdi_57_2.png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/FEYI4yBAHj5qc5Hl-vdi_57-(3).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/FEYI4yBAHj5qc5Hl-vdi_57-(3).png) [![vdi_58-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/5zkJNAkZzO9ToMsy-vdi_58-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/5zkJNAkZzO9ToMsy-vdi_58-(1).png) Microsoft Azure Portal shows the following screen when successful: [![vdi_59-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/WUN90crx9mm0BtOP-vdi_59-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/WUN90crx9mm0BtOP-vdi_59-(1).png) The option to upload .vhd file to container is available under **portal.azure.com > Storage Accounts > select storage account > Containers > select the Container > Upload > Select file > Select Blob type – Page type >** Mark **Upload .vhd files as page blobs > Upload**. [![vdi_60-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/g0B2kHA6uIXO3XkL-vdi_60-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/g0B2kHA6uIXO3XkL-vdi_60-(1).png) [![vdi_61-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/jereT09FRw6ndsCN-vdi_61-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/jereT09FRw6ndsCN-vdi_61-(1).png) Microsoft Azure portal shows the following screen when successful: [![vdi_62-(2).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/9nCuLgltAoykTReP-vdi_62-(2).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/9nCuLgltAoykTReP-vdi_62-(2).png) The option to copy URL of the uploaded file is available under **portal.azure.com > Storage Accounts >** select Storage Account > **Container** > **Select container > Select file > Copy URL**. This is needed for VM Image creation under the Apptimized Portal. [![vdi_63-(1).png](https://docs.apptimized.com/uploads/images/gallery/2021-07/scaled-1680-/xPMd6znfevp5yizC-vdi_63-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2021-07/xPMd6znfevp5yizC-vdi_63-(1).png) ##### Azure disk snapshot configuration The option to configure Azure disk snapshot is available after the VM creation and configuration. The option to create VM on the portal.azure.com is available under **Services > Virtual Machines** (see [Quickstart - Create a Windows VM in the Azure portal - Azure Virtual Machines | Microsoft Docs](https://docs.microsoft.com/en-us/azure/virtual-machines/windows/quick-create-portal) )

**Note.** RDP must be enabled on VM (add a link to RDP mentioned part of the doc).

The option to configure the VM is available under the [following actions](https://docs.apptimized.com/link/272#bkmrk-vhd-configuration). ##### Azure VM snapshot creation The option to create a snapshot of Azure VM under **Microsoft Azure Portal** is available under portal.azure.com > **Virtual Machines** > select VM > **Disks** > select disk > **Create snapshot** **[![azure_01.png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/AxATjtkMhiZdh42q-azure_01.png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/AxATjtkMhiZdh42q-azure_01.png)** Microsoft Azure portal shows the following screen when successful: [![azure_02.png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/rxKUPLPVG0U68024-azure_02.png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/rxKUPLPVG0U68024-azure_02.png) The option to create snapshot is available by following actions: selection **Resource group >** setting the **Snapshot name** > Selection **the Source disk >** setting **Encryption settings >** setting **Networking settings > Review + create > Create** [![azure_03.png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/LJqqaxLyYNecc7CT-azure_03.png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/LJqqaxLyYNecc7CT-azure_03.png) Microsoft Azure portal shows the following notification when successful: [![azure_04-(1).png](https://docs.apptimized.com/uploads/images/gallery/2022-08/scaled-1680-/43BgVIIEMPj2yPBA-azure_04-(1).png)](https://docs.apptimized.com/uploads/images/gallery/2022-08/43BgVIIEMPj2yPBA-azure_04-(1).png) Copying the snapshot name is **required** for VM image creation under Apptimized Portal # Apptimized TO GO Hypervisor User Guide # Apptimized TO GO Hypervisor Integration #### Enable Apptimized TO GO hypervisor connector The one-time configuration is available for project administrators under **Settings** in the project menu > **Virtualization providers** option > **To** **Go** switch. [![to_go_hyp_04.png](https://docs.apptimized.com/uploads/images/gallery/2020-06/scaled-1680-/K6BJjfNYXChpTteo-to_go_hyp_04.png)](https://docs.apptimized.com/uploads/images/gallery/2020-06/K6BJjfNYXChpTteo-to_go_hyp_04.png) Apptimized shows the following screen when successful: [![to_go_hyp_05.png](https://docs.apptimized.com/uploads/images/gallery/2020-06/scaled-1680-/JBqQ242KrjeJVktF-to_go_hyp_05.png)](https://docs.apptimized.com/uploads/images/gallery/2020-06/JBqQ242KrjeJVktF-to_go_hyp_05.png) The **To Go** switch enables the TO GO hypervisor connector implementation within the project. [![project_settings_26.png](https://docs.apptimized.com/uploads/images/gallery/2020-04/scaled-1680-/IhTLseYiKg2RFe1y-project_settings_26.png)](https://docs.apptimized.com/uploads/images/gallery/2020-04/IhTLseYiKg2RFe1y-project_settings_26.png) The option to specify within what workflow step the TO GO hypervisor connector will be implemented enables when the switch is activated in front of the step name. The **User name** and **Password** fields come prefilled. The **Host** field defines the IP address or DNS name of a resource that contains Virtual Machines (i.e., **10.159.11.2:1233** or **somesite.hive.com**). When the value to the **Host** field is added, the **Create new image** button appears. [![to_go_hyp_01.png](https://docs.apptimized.com/uploads/images/gallery/2020-06/scaled-1680-/6unDZyjSEWaghabG-to_go_hyp_01.png)](https://docs.apptimized.com/uploads/images/gallery/2020-06/6unDZyjSEWaghabG-to_go_hyp_01.png) The option to create a custom operating system image is available under the **Create new image** button. Apptimized shows the following modal window (all required fields are marked with an asterisk \*): [![to_go_hyp_03.png](https://docs.apptimized.com/uploads/images/gallery/2020-06/scaled-1680-/F1h8TZFFg3J2AT9c-to_go_hyp_03.png)](https://docs.apptimized.com/uploads/images/gallery/2020-06/F1h8TZFFg3J2AT9c-to_go_hyp_03.png) The created custom operating system image must contain the installed **TO GO agent**. Otherwise, the VM will not be available via a virtual desktop environment using the RDP proxy server. The VM becomes in the ready status when TO GO agent sends a request to the Apptimized Portal to receive the manifest. Table 2. Image settings
**Setting** **Description**
Name This setting defines the name for a new Azure image. The naming is a user preference. This field is required.
Platform This setting defines the name of the Windows platform (i.e., **Windows 10**).
OS Build This setting defines the operating system build that will be used (i.e., **18363.753** – is an OS build for Windows 10, version 1909). OS build is a timeline of minor build releases in between the major version number releases.
OS Version This setting defines the operation system version that will be used. The following options available: - Windows 7; - Windows 8; - Windows 10. The default value is **Windows 10**.
OS Language This setting defines the operating system language mode. The following options available: - EN; - DE. The default value is **EN**.
OS type This setting defines the operating system type mode. The following options available: - Windows Server; - Desktop Windows. The default value is **Windows**. **Server**.
Enabled This setting indicates that the current image is enabled for use.
Base snapshotThis setting defines the name of the snapshot (a captured state of a system in a particular time point). It is usually used as a back-up copy or as a basis to troubleshoot issues. This field is required.
Base imageThis setting defines the name of the existed operating system image which can be used as a basis for this image. This field is required.
The custom operating system image settings apply when clicking on the **Create** button. Apptimized shows the following screen when successful: [![to_go_hyp_02.png](https://docs.apptimized.com/uploads/images/gallery/2020-06/scaled-1680-/VPiuoiFAfuEBsm8g-to_go_hyp_02.png)](https://docs.apptimized.com/uploads/images/gallery/2020-06/VPiuoiFAfuEBsm8g-to_go_hyp_02.png) The option to modify the custom operating system image settings is available under the **Edit image** button.

**Note**. When the TO GO hypervisor connector option is implemented for the project, a customer receives the full scope of the Apptimized [discovery ](https://docs.apptimized.com/books/apptimized-platform-user-manual/page/discovery)and [testing ](https://docs.apptimized.com/books/apptimized-platform-user-manual/page/testing)functionality on VMs with the custom operating system image.

# Apptimized TO GO Hypervisor Administration Guide # Apptimized TO GO Hypervisor infrastructure ### Infrastructure components Apptimized TO GO allows a customer to turn a local machine, PC's or VM's into Apptimized VM so that they can be used for discovery and testing. Apptimized TO GO can be used for discovery and testing on local test PCs or VMs in the customer's own environment. Apptimized TO GO infrastructure depends on the type of solution a customer chooses (see Case 1). ##### Case 1. A customer implements Apptimized TO GO agent with the TO GO hypervisor connector scenario. The figure below shows the scheme of the Apptimized TO GO infrastructure. [![to-go-hypervisor-infr.png](https://docs.apptimized.com/uploads/images/gallery/2020-06/scaled-1680-/ArrtNFtzozKQydLq-to-go-hypervisor-infr.png)](https://docs.apptimized.com/uploads/images/gallery/2020-06/ArrtNFtzozKQydLq-to-go-hypervisor-infr.png) The infrastructure components details are described in Table 1. Table 1. Infrastructure components
**Component** **Details**
1\. Apptimized Portal The platform where Apptimized customer manages projects portfolios. Requires an active project with enabled and configured Apptimized TO GO settings. Technical requirement for working in Apptimized: 1\. Browsers: - Google Chrome (version 75.0 or above); - Mozilla Firefox (version 60.0 or above); - Apple Safari (version 12.0 or above); - Internet Explorer with (version 11.0); - Microsoft Edge with version 83 and above. 2. Enabled Java-script in browser; 3\. Speed of internet connections – min 50 Mb/s. 4\. Enabled firewall white list: https://app.apptimized.com/; https://rdproxy.apptimized.com/; https://cdn.apptimized.com; \*.chatlio.com
2\. Customer Environment Information technology environment, including software, hardware, and systems (e.g., endpoint PCs, VMs, servers, networks).

The access of endpoint PC or VM to the 80 and 443 port of the app.apptimized.com host is a prerequisite.

2.1. RDP proxy server RDP proxy server is a third party between the customer and the service (the Apptimized Portal). RDP proxy server helps to provide a rather high level of protection of customer’s sensitive data and valuable information and to achieve anonymity. A [Docker](https://www.docker.com/) engine versions 19.03 and above are used. Docker container is used to provide a virtual desktop environment using the RDP proxy server. A Docker container image is a lightweight, standalone, executable package of software that includes a full asset portfolio of functionality to run an application (i.e., code, runtime, system tools, system libraries and settings). ks uniformly despite differences for instance between development and staging[\[1\]](#_ftn1). RDP proxy server is used to display VM in browser. Otherwise, it can be skipped.

**Note.** A minimal specification for RDP proxy server (to handle 15 VM’s at the same time) are the following: 2 cores of VCPU; 8 Gb of RAM; 80 Gb disk storage; 1 Gigabit Internet connectivity.

2.2. TO GO hypervisor server This is a server with functionality to manage TO GO hypervisor connector.
2.3. TO GO hypervisor connector Apptimized TO GO hypervisor connector is a software that manages the VMs inside customer infrastructure (e.g., launching them, stopping, making snapshots, etc.). A simplified scheme of the Apptimized TO GO hypervisor connector: [![hypervisor-scheme.png](https://docs.apptimized.com/uploads/images/gallery/2020-06/scaled-1680-/cU6CD7YfPCrp9XyR-hypervisor-scheme.png)](https://docs.apptimized.com/uploads/images/gallery/2020-06/cU6CD7YfPCrp9XyR-hypervisor-scheme.png) The following scripting languages implement depending on what virtualization software is used: - SSH (for VirtualBox); - vSphere API (for VMWare); - PowerShell Remote (for Hyper-V).
2.4. VM hypervisor This is a server which controls all VM infrastructure
2.5. Apptimized TO GO agent Apptimized TO GO agent is a software that sends information from the VM to Apptimized (i.e., screenshots, user actions, etc.), and does not controls VM in any case. Apptimized TO GO agent allows a customer to turn a local machine, PC's or VM's into Apptimized VM so that they can be used for discovery and testing. The Apptimized TO GO agent must be installed and launched on a local PC by the local administrator.
# Security To ensure security Apptimized complies with the following cybersecurity standards: - ISO 15408; - ISO/IEC 27001; - ISO/IEC 27002; - ANSI/ISA 62443 (Formerly ISA-99); - IEC 62443; A military-grade security protocol ([TLS/SSL](https://docs.microsoft.com/en-us/windows-server/security/tls/tls-ssl-schannel-ssp-overview)) is used by Apptimized to provide privacy and data integrity between two or more communicating applications. Apptimized safety audit entails a network scan of its resources to identify vulnerabilities and non-penetration. The screenshot below shows the vulnerability report provided by **Detectify** for **app.apptimized.com**. [![sccm_adm_03_4.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/MmESvmM2142UiAbc-sccm_adm_03_4.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/MmESvmM2142UiAbc-sccm_adm_03_4.png) The screenshots below show the SSL report of **app.apptimized.com**. [![sccm_adm_05_1.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/FDOxbDM9eImMUoJX-sccm_adm_05_1.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/FDOxbDM9eImMUoJX-sccm_adm_05_1.png) [![sccm_adm_05_5.png](https://docs.apptimized.com/uploads/images/gallery/2020-03/scaled-1680-/ochmWF8LIzubGeyF-sccm_adm_05_5.png)](https://docs.apptimized.com/uploads/images/gallery/2020-03/ochmWF8LIzubGeyF-sccm_adm_05_5.png) # Apptimized TO GO Hypervisor technical workflow ### Using a TO GO hypervisor connector workflow [![to-go-hypervisor_workflow.png](https://docs.apptimized.com/uploads/images/gallery/2020-06/scaled-1680-/cQ1sluzl2QiBc5ga-to-go-hypervisor_workflow.png)](https://docs.apptimized.com/uploads/images/gallery/2020-06/cQ1sluzl2QiBc5ga-to-go-hypervisor_workflow.png)