Java 7 update 21 (1.7.0_21) Enterprise Repackaged Security Medium Deployment with SCCM

The issue on many blogs and articles is around creating the 'deployment.config' and 'deployment.properties' files for an enterprise deployment. In my case i wanted to set the security level to 'Medium', but everytime I open the Java control panel it was set to the default HIGH setting.

Solution

1 Create the following directory path 'C:\Windows\sun\java\deployment'

2 Create a file called 'deployment.config' in this directory and open with Notepad.

Copy the two line below

####################

deployment.system.config = file\:\\C\:\\WINDOWS\\Sun\\Java\\Deployment\\deployment.properties

deployment.system.config.mandatory = true

####################

3 Create a file called 'deployment.properties' in this directory and open with Notepad.

Copy the four line below (# deployment.security.level.locked optional)

######################

deployment.security.level=MEDIUM

deployment.browser.path=C:\Program Files\Internet Explorer\IEXPLORE.EXE

deployment.version=7.21

#deployment.security.level.locked

###########################

(without path and version, level will be ignored)

4 Delete C:\Users\%Username%\AppData\LocalLow\Sun

5 Delete: HKEY_CURRENT_USER\Software\AppDataLow\Software\JavaSoft\DeploymentProperties

6 Open Java from Control Panel. You will find the security is now set to MEDIUM. If the lock was imposed, the user will not be able to adjust this setting as it will be greyed out.

Author: Jonathan Proctor

Source: http://www.syswow64.co.uk/2013/05/java-7-update-21-1721-enterprise.html

Comments

Remove previous versions using MSI Upgrade Table

There are several methods to uninstall the existing older versions of an application e.g. Script, MSI upgrade table, SCCM deployment conditions. We are here discussing the method using Upgrade table. Upgrade table can be used effectively to detect and uninstall the previous versions of a MSI based application provided the upgrade code is known. Here is an example on populating Upgrade Table: Locate the U pgradeCode in Property Manager . Remember this could either be same or different in previous version and if it is different then grab the code from previous version. Go to the Upgrade Table in Direct Editor . Copy the upgrade code to its column. Populate the Version columns based on requirement (consider all the digits as per previous MSI versions). Attribute column needs to be configured with appropriate bit flag for corresponding upgrade behavior. Refer to Upgrade Table to calculate the proper bit flag. In example, 768 is the sum of 256+512 which m...

Active Setup Registry Key : What it is and how to create in the package using Admin Studio Install Shield

While launching from Admin account or doing “Run as Admin” it was launching properly but when launched from the standard-user account, though it was launching but GUI was not coming properly and before launching, it throws the error that some particular Skin file is missing. I checked in installation folder and skin file was there but still while launching I was getting the error, but when launched from Admin account or using “Run as admin” it was launching properly with proper GUI and no skin file missing error. On exploring further I found that application was installed by admin account and it created some entries in HKCU, and these entries contain the path and name of skin file to be used. So when we launched the application from Standard user account then these entries were empty in HKCU for Standard user. So to solve this problem while re-packaging I used Active Setup . Active Setup provides a great solution for installing current user data when the package is not installed ...

Using the CorrectFilePaths Shim to Redirect Files on Windows Vista

The last time around , I suggested that you avoid using the acredir.dll shims - RedirectRegistry and RedirectFiles. As alternatives, I recommended VirtualRegistry and CorrectFilePaths. Of course, I have already gone into some details on how to use VirtualRegistry to achieve that, but I haven't gone in to any details on CorrectFilePaths yet. And, unfortunately, the documentation isn't much help as of the 5.0.1 release (as I said - stay tuned to the documentation for future releases, as this is something we are working on). In fact, here is all that the documentation tells you: "Corrects file paths that changed between Windows 95 or Windows 98 and Windows XP Professional. This compatibility fix works by converting the file paths to the correct location for Windows XP Professional in the APIs. For example, a Windows 95 path of C:\Windows\Write.exe is converted to C:\Windows\System32\Write.exe." While this is true, it is not comprehensive (and is, theref...

Collection of Useful Posts

Search This Blog