How To: Setting up a recapture VM
The recapturing of an application installation needs to be performed in a special well-prepared environment, which is typically a virtual machine (VM) with a snapshot. The VM is always reverted to this snapshot prior to any recapture, with the purpose of ensuring that it is a well-known environment.
The VM should be as clean as possible. This is important because application installers will detect whether dependencies already exist on a machine, so specific components may be left out of the package and not reapplied. Any software added to the VM beyond the operating system could potentially add dependencies. Even though recaptured packages may work fine on initial test systems (with dependencies) - as time passes, it is possible for a package to break when landing on a system without that dependency. Current practices usually try to keep this image to hold just the OS and the required repackaging tools.
Note: The vendors of these tools generally limit their dependencies. |
Often, organizations require anti-malware software to be present on all systems. And unfortunately, anti-malware software adds many dependencies that change every year. So, it is better to use the anti-malware software that is already built into the OS while packaging, then use your preferred vendor scanning tool to detect anything that shouldn't be in the future packages.
Additionally, the OS should be tuned to reduce background activity that could lead to capturing unnecessary (or dangerous) components. This varies depending on the packaging purpose and the versions of the OS, and often, it includes the following steps:
- Turning off unnecessary services, such as Windows Updates orWindows Search, as well as other services that you will not use,(i.e. bluetooth).
- Not joining the OS to the domain, or exempting it from the GroupPolicy.
- Turning off Windows Apps updates.
- Disabling anti-malware definition updates.
- Pending system changes
Some repackaging tools, like Advanced Installer (and others), automatically check for these rules and assist you in enforcing them - while also managing the VM snapshot states automatically for each new package.