Category filter

Distribute enterprise apps to Windows devices

This article deals with the distribution of enterprise apps on Windows devices.

Enterprise apps are custom apps developed by an organization or a third party to be used within the organization. These apps are also known as internal or in-house apps.

Since these apps contain proprietary business information, many organizations do not host these apps on public distribution channels (Microsoft Store for Windows devices). In such cases, they rely on enterprise app stores that can seamlessly deploy their internal apps within the organization.

Hexnode delivers its own enterprise app store to securely distribute apps, whether store or internal, to the organization’s devices. In the case of Windows devices, administrators can deploy enterprise (MSI/MSIX/EXE) apps to the managed devices without compromising data security.

Notes:

  • Hexnode also supports the distribution of APPX files on Windows devices. Any file formats other than MSI, MSIX, EXE and APPX need to be converted to either of these formats before distribution via Hexnode.
  • MSI/MSIX app installation is supported only on devices enrolled via Hexnode Installer as it requires the latest version of the Hexnode UEM app to be installed on them.

Add enterprise apps to Hexnode app inventory

An enterprise app must first be uploaded to the Hexnode app inventory before its distribution.

  1. Log in to your Hexnode portal.
  2. Navigate to Apps.
  3. Select +Add Apps > Enterprise App.
  4. Choose the platform as Windows.
  5. Provide the App Name.
  6. You can either upload with:
    • MSI file: Click on Choose the MSI File and select a file from the system.
    • Or

    • MSIX file: Click on Choose the MSIX File and select a file from the system.
    • Or

    • EXE file: Click on Choose the EXE File and select a file from the system.
    • Or

    • From Manifest URL: Input the URL to the app.
  7. Select an app category or input a new category by clicking on the + button.
  8. Provide a description for the application and click Add to upload the file.
  9. SHA-256 Checksum: Hexnode uses the SHA-256 checksum to ensure that the apps are not corrupted while uploading them to the portal and deploying them to devices. Provide the SHA-256 checksum(hash) of the file to verify the file integrity before distribution. If left blank, Hexnode UEM will skip the file verification.
  10. If it’s an MSI file, specify the device location where the MSI file should be installed. For example, C:\Program Files.
    Notes:

    • Deployment of apps added to the Hexnode app inventory via From Manifest URL without the SHA-256 Checksum will fail on devices without the Hexnode agent app installed.
    • Only Windows 11 support MSI app installation on devices without the Hexnode agent app.
    • The location for app installation depends on the MSI build unless the installation path is specified here.
    • The install location for some applications may be app-specific. As a result, specifying a different installation path will have no effect.
    • If the app has been previously installed, and later uninstalled from the device, the app will reinstall at the initial location even if a different installation path is provided.

  11. While uploading the MSI/MSIX/EXE file, you can check the Notify admin via email once app upload succeeds/fails option to receive the email notifications on the app upload status.
  12. Click Add to upload the file.

Deploy the apps to target devices

The apps added to the app inventory can be distributed to the devices using the remote action or Required Apps policy.

Install apps via Actions

Method 1

  1. Navigate to Manage > Devices.
  2. Click on the device.
  3. On the device summary page, click Actions > Install Application.
  4. Select the app.
  5. Click Configure to specify the installation settings.
  6. Click Install.

Install apps via Policy

  1. Navigate to Policies.
  2. Create a new policy with the New Policy button or select an existing policy.
  3. From Windows > App Management, select Required Apps.
  4. Click on Configure and +Add button to either add an app or a group of apps from the app inventory.
  5. Select the required app(s) and click on Done.
  6. Configure the installation settings and click Save.
  7. Next, associate the policy with the target devices by navigating to the Policy Targets tab.
  8. Select the required Devices/Device Groups/Users/User Groups/Domains to which the policy is to be associated.
  9. Click on Save.

Installation settings

For MSI apps, Hexnode enables you to configure various app installation settings during deployment via the Required Apps policy.

  • Enable logging: This setting helps specify the MSI app’s default logging mode. Ticking this option enables the logging service, and the Windows Installer records the errors and events into logs on the specified log path of the device. The diagnostic data contained in the logs helps the user to troubleshoot in case the installation fails.
  • Log path: Specify a custom path for the output log file. You can provide the complete path of a folder along with the desired file name and format. C:\Hexnode\Logs\MSI Logs\.log is set as the default log path.
    Notes:

    • If the provided log path does not exist on the device, Hexnode will create a folder at the specified path and generate the output file there.
    • If the provided log path is invalid (say, the drive doesn’t exist on the device, or the admin entering invalid data in the input field), the app installation will fail.
      Error message when the log path provided for the MSI app is invalid

  • Force device restart after app installation: Upon successful installation, the system restarts automatically when this option is selected.
    Notes:


    While the device is in kiosk mode, you must add the Hexnode UEM App (present in C:\Hexnode\Hexnode UEM\Current\HexnodeUEM.exe) as the kiosk application to enforce this setting.

  • Installation Timeout: If the app installation process does not complete within the specified time duration, it will be forcefully terminated. The minimum and maximum time duration is 10 and 60 minutes respectively.
    Notes:


    The configured timeout period considers only the app installation process that begins after the MSI installer file has been deployed from the Hexnode UEM server.

  • Add command-line parameters: You can specify additional parameters by ticking this option while distributing the MSI app to the device. These command-line parameters help you modify the installation process and other related operations on the device.
Notes:

  • During the app distribution via Install Application action or Required Apps policy, the app installation proceeds silently on the device. It may take a couple of minutes, depending on the app size and network connectivity.
  • The installed apps will be accessible to all users on the device. All users will be able to use and even uninstall the apps if necessary.

Configure MSI app installation settings

Troubleshooting tips

  • Deploying and Managing Apps