* The Business of Software

A former community discussing the business of software, from the smallest shareware operation to Microsoft. A part of Joel on Software.

We're closed, folks!


» Business of Software FAQ
» The Business of Software Conference (held every fall, usually in Boston)
» Forum guidelines (Please read before posting!)


Andy Brice
Successful Software

Doug Nebeker ("Doug")

Jonathan Matthews
Creator of DeepTrawl, CloudTrawl, and LeapDoc

Nicholas Hebb
BreezeTree Software

Bob Walsh
host, Startup Success Podcast author of The Web Startup Success Guide and Micro-ISV: From Vision To Reality

Patrick McKenzie
Bingo Card Creator

Considerations for deployment in organisations with managed IT?


I am developing a Windows desktop application and expect the application to be used in organisations with managed IT (i.e. a Windows domain based network).

So in a managed IT environment, I currently expect the following:

* I must handle the IT admins wishing to roll out an install of my application across several machines over the network, so my installer must support a silent install mode with configuration options on the command line.

* Some IT admins may wish to disable my applications auto update feature, and they will be able to do this via a registry setting.

* My application will store configuration data in %USERPROFILE%\AppData\Roaming\ so as to be available (if needed) when a user logs into another machine.

* I assume I must handle the IT admins being able to activate the application via the command line with the license their organisation purchases, after they have installed it on a users machine.

Can anybody please advise what else I may need to look out for (or comments on the above)?

maxr Send private email
Thursday, November 06, 2014
In addition you will need a lot of patience.

Someone from BigCo event planning dept really wanted to buy some PerfectTablePlan licences. After 18 months I was finally told that that their IT people decided it wasn't worth what it would cost them to deploy it (bearing in mind it takes about 1 minute to download and install and there is also a silent install option).

Do a Google image seach on "Mordac preventer of services" to understand what you'll be dealing with at some organizations.
Andy Brice Send private email
Thursday, November 06, 2014
* Access to the source code

* A letter of recommendation from your last 5 clients/customers

I've had this requested (demanded?).

Understandably the deal went nowhere.

All the best -
Marcus from London Send private email
Thursday, November 06, 2014
Big companies don't want to install any software other than Office on desktop machines.
Ducknald Don Send private email
Thursday, November 06, 2014
> Big companies don't want to install any software other than Office on desktop machines.

Hardly true, companies with engineering teams will require those teams to have the engineering tools they need to do their jobs. They might not want to have to roll out third party applications, but they do if its a business requirement.
maxr Send private email
Thursday, November 06, 2014
1. Proxy servers.

2. Security requirements, eg. everything over the network has to be HTTPS/SSL.

3. Terminal servers - used to be very popular. May break assumptions about the layout of local drives.

4. Possible desire to integrate with a single-sign on system.
GregT Send private email
Thursday, November 06, 2014
Hi Maxr,

I've spent the last 12 years or so integrating third party software into company deployment systems. My tips:

1. As you mentioned, make sure that your installer can be installed silently, and is configurable via command line. Using a
"Windows Installer" (msi) based installer is usually preferred, as they can customize the install for themselves. A lot of
larger companies will automatically "repackage" (convert) your installer into an MSI, even if your original installer does
what they want.

2. The deployment tool that they use will probably install your application using an "admin" service account, but the users
will probably be running the application under restricted accounts, often with UAC enabled. In these companies, users won't be
able to write to "per-machine" locations (just per-user locations), and the companies will not want to grant them these
permissions. So I would just make sure that everything works (at runtime) under a restricted account.

3. They will definitely want to disable auto-update.s They usually want to decide when an application updates.

4. If your application needs to "phone home", make sure that it can do so via a proxy.

5. Make sure that the install doesn't cause any issues either with the OS or with other applications. When your application is removed, make sure that it doesn't remove any software that might be used as a pre-requisite for other applications. e.g. if your application requires the Visual C++ runtimes, you wouldn't want to uninstall them when your package is getting uninstalled.

Hope this helps!
Bdan Send private email
Thursday, November 06, 2014
Have you considered developing an application that specifically does not need the IT department to deploy it?

Chrome does this effectively.  So do lots of other apps.

Or can you not try to create a SAAS solution?

Large company IT departments are blockers for change in many organisations.  Sometimes for the right reasons but mostly because they are seen as "cost-centres" and so they have been out-sourced, downsized, and sold out to the lowest cost "service" provider.

Much better to target your real-end customers rather than the intermediary IT department.
TomTomAgain Send private email
Friday, November 07, 2014
Thanks for the great feedback, very useful :)
maxr Send private email
Friday, November 07, 2014

Make msi installer, not exe. My software's installer is made with inno setup (which has silent install policy). But just recently I got an order from a big company, and they only accepted msi installer (since exe can not be installed using group policy).

As for activation, I made a special activated installed from then, since I needed to repack exe as msi anyway.
Jim Morrison Send private email
Tuesday, November 11, 2014
I hate .msi. Inno Setup is much less hassle. Here is some software that can convert an .exe to a .msi:

I haven't tried it though.
Andy Brice Send private email
Tuesday, November 11, 2014
For me Inno Setup is much easier too (all my installers are made with it). Also it is very easy to expand it with pascal code.

However, it does not matter what you love or hate, enterprise customers expects msi installer (for ease of using it with group policy).

I have tried a lot of exe to msi converters, but in the end created msi manually (advancedinstaller.com free version), since there were some problems in dll registration with converted msi.
Jim Morrison Send private email
Wednesday, November 12, 2014
Maybe the MSI installers are better now. But the 2 I used previously (InstallShield and Wyse, 10+ years ago) were awful and caused no end of problems.
Andy Brice Send private email
Wednesday, November 12, 2014
Marcus said:
"* Access to the source code"

Are they high?  Does MS give access to the source code?  WTH?

I once had a client (an attorney) ask that if they didn't find like using the software I *custom built* for them after a year they could have their money back.  After 2 years, 50% of their money back, and so on.

I thought - is this a joke?  I guess some people figure "it never hurts to try" but actually, yeah, sometimes it does because I never trust a client after a request like that so I charge them top dollar and offer no freebies.

I said no and they bought it anyhow.  (I did say yes to a bunch of meaningless (to me) things they asked for, but no to that and some other equally ridiculous request that I now forget.)
Emily Jones Send private email
Wednesday, November 12, 2014

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics
Powered by FogBugz