Microsoft Technical Takeoff: Windows and Microsoft Intune
Oct 24 2022 07:00 AM - Oct 27 2022 12:00 PM (PDT)

Questions about MMPT remote packaging


Some questions about using the Microsoft MSIX Packaging Tool remotely.  I'll use the terms "controller" to mean the machine that starts the process and "worker" for the VM performing the capture.

A) It seems from looking at logging that the controller sends partial copies of the MMPT to the remote machine.  It is logical that this is the version of the MMPT is being used on the remote machine to perform capture. 

  1. Is that remote MMPT being run inside a container, or is is just run as an uncontained exe?
  2. Does the MMPT actually need to be installed on that worker?
  3. Are there issues if an installed MMPT on the worker is different than the controller?

B) It also seems from looking at the logging that the worker completes the packaging process, producing a MSIX file that is then copied back to the controller:

  1. How is the exclusion list on the worker established if you want to use a non-default list?
  2. Is package signing possible by the worker, and if so how is this done?  The scripts in the MSIX Toolkit lead me to believe that we likely need to externally sign the packages, which is OK but would prefer to configure either the worker/controller MMPT to take care of it.

C) I would also like to suggest that there should be a MMPT command line way to determine if the MMPT job (at the controller) was successful in creating a MSIX package.  This includes is there a file, but likely was there any errors in the log even if a file was created. 

4 Replies



A) Yes. The local/controller sends a "remote server" to the remote.
1. The remote server is run as an uncontained exe.
2. No, it does not need to be installed. Everything needed is copied from the local/controller.
3. There are no issues with an installed MSIX Packaging Tool on the remote/worker.

B) Yes, the remote/worker does the packaging and the package is sent back to the local/controller.
1. The exclusion list comes from the local/controller settings. The items are tokenized so it is not specific to the machine.
2. All signing happens locally.

C) Are you asking for some sort of status checking ability? Or more a notification of success/failure? could you expand on this ask?




The ask is to understand so that I can explain it correctly to our training students. I had believed that the tool also needed to be installed on the remote machine.
However, your response raises one more question. On the remote machine I assume that the driver is needed. Does A)2 mean that the remote machine needs windows updates enabled to get the driver?
Yes, the remote machine needs to have the driver. If it is not already installed, Windows Update needs to be enabled to install it, but only the first time. You could also do an offline installation of the driver beforehand. If the MSIX Packaging Tool is already installed on the remote machine, it may have already installed the driver and the remote server would not need to install it.
Thank your for the clarifications!