Packaging Adobe Reader to MSIX
The MSIX Packaging Tool enables you to repackage your existing desktop applications to the MSIX format. It offers both an interactive UI and a command line for conversions and gives you the ability to convert an application without having the source code. We want to enable IT Pros to convert their existing assets to MSIX, to give them a better way to do packaging and app management.
In case you can't install the MSIX Packaging Tool from Microsoft Store, you can download the offline version here.
Open the MSIX Packaging Tool and click Application package and click on Application package to create a new package for the application:
Choose the desired scenario and click the Next button. I selected the first option:
In this step, the tool will check if the MSIX Packaging Tool driver is already installed. Click on Next when available:
If you got an error to install the tool driver, please refer to this post that describes how to manually download and install the driver up to version 1809. Starting with version 1903, you need to download the Windows 10 Features on Demand ISO and copy the Msix-PackagingTool-Driver-Package.cab.
Provide the installer of Adobe Reader DC and pass the following arguments:
/sAll /rs /msi EULA_ACCEPT=YES LANG_LIST=en_US UPDATE_MODE=0 DISABLE_ARM_SERVICE_INSTALL=1 ADD_THUMBNAILPREVIEW=YES
Select the certificate that will be used to sign the package. The certificate is only required in case you want to install the app outside of the Microsoft Store (sideloading). For more information about how to create a self-signed certificate, please check this doc.
The next step is to fill in information such as the package name, the description that will be displayed to the user during installation, the vendor's name (must be the same as the certificate), and the version number. Fill in the requested information and click the Next button:
The following screen will appear and from then on, the tool will monitor the changes made to the operating system.
The installation will start automatically because we provided the Adobe Reader DC installer.
Wait for the Acrobat Reader DC shortcut be created on Desktop and click on Next.
On the next screen, you need to define which apps will be visible in the start menu. In our case, there is just one:
Click the Next button to continue.
The next screen asks for confirmation if the environment monitoring is done. Click the Yes, move on to continue:
On the next screen, just click on the Next button, since the application doesn't implement any service:
Now it is necessary to inform where the package will be generated, as well as it is possible to edit the package before saving it. Click on Package editor button to edit the package.
If we just finish the packaging process here, we will get the following message displayed for the packaged version asking the user to disable the AppContainer or to not run the app:
To remove this message, click on Virtual registry and navigate to REGISTRY\MACHINE\SOFTWARE\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown:
Right click on FeatureLockDown and select Add DWORD:
Name the REG_DWORD key to bEnableProtectedModeAppContainer with the value 1:
Click on Create button to generate the package.
Now that we have the MSIX package, we need to fix one more issue that happens when the packaged app tries to save the user's preferences to the virtual registry (user.dat) inside the container.
The good news is that is possible to solve it, and the bad news is that it is not possible solving it through the MSIX Packaging Tool. In this case, we need to unpack the MSIX and change the key permissions for the virtual registry.
You can unpack the MSIX file through the MSIX Packaging Tool (MPT), but I am using MSIXHero as we will need to package it again and the MPT doesn't offers this option.
On MSIX Hero, select Unpack MSIX to directory:
Select the MSIX package to be extracted and click on Unpack package:
Follows the extracted files:
The next step is fixing the access permissions of the user.dat file. Therefore, run regedit, click on HKEY_LOCAL_MACHINE, and select Load Hive in the File menu:
Be sure to use LOAD HIVE and not IMPORT, otherwise you will replace your registry information and compromise your machine.
Name the hive with a name of your preference, like adobe-user:
Expand the loaded hive, navigate to SOFTWARE, right click on it and select Permissions:
Grant full control permission for the user Everyone:
Now that we fixed the permissions, we need to unload the virtual registry file. Select the key that was loaded, in my case, adobe-user, click on File menu and select unload hive:
Switch back to MSIX Hero and choose Pack directory to MSIX:
Select the folder to be packaged, check the sign this package, provide the certificate to sign the package in the Signature tab and click on Pack folder to MSIX package:
Now that all finished the MSIX packaging, the next step is preparing the MSIX for Azure Virtual Desktop App Attach.
Creation of a VHDX package for MSIX
MSIX packages must be in a VHD or VHDX format to work properly. This means that you need to create a VHD or VHDX package to begin with, and we'll create it via the MSIXMGR tool.
After packaging a Win32 application to MSIX, we need to expand the package to a virtual disk (VHDX), so it can be dynamically attached to the user session during logon. It is very similar to FSLogix, but instead of profiles we are attaching the user's apps.
Download the MSIXMGR tool and extract the archive to a folder of your choice. I am using C:\msix\avd\msixmgr\x64 folder:
Use the following PowerShell (run as admin) command to generate the VHDX through MSIXMGR. Please change the path of the MSIXMGR tool and the MSIX and VHDX locations:
# size of the vhdx file
$vhdSize = 1300
# folder that will created inside the vhdx (You can get this name from the manifest file or via Get-AppPackage *adobe*)
$appParentFolder = "AdobeReaderDC"
# vhdx destination. Notice that I am using the appParentalFolder to set the name
$vhdFullPath = "C:\msix\avd\vhdx\$appParentFolder.vhdx"
#application package name that can be obtained in the appxmanifest.xml or Get-AppPackage *adobe* | select PackageFullName
$packageName = "AdobeReaderDC_1.0.1.0_x64__kz5d2ck10dqg4"
# msix file
$msixPath = "C:\msix\avd\msix\AdobeReaderDC_1.0.1.0_x64__kz5d2ck10dqg4_1.msix"
#Expand the MSIX to VHDX
cd "C:\msix\avd\msixmgr\x64\"
.\msixmgr.exe -Unpack -packagePath $msixPath `
-destination $vhdFullPath `
-applyacls -create -vhdsize $vhdSize -filetype "vhdx" -rootDirectory $appParentFolder
Follows the expected result:
Successfully created virtual disk
Stopping the Shell Hardware Detection service
Stopping dependent services if necessary.
Successfully initialized and partitioned the disk.
Formatting the disk.
Successfully formatted disk
Finished unpacking packages to: C:\msix\avd\vhdx\AdobeReaderDC.vhdx
Starting the Shell Hardware Detection service
Successfully started the Shell Hardware Detection Service
I hope you liked it.
Microsoft
