Deploy software with WPKG and Active Directory

WPKG is a simple and powerful open source solution designed to deploy software on Windows machines without repackaging installers. It can be used to deploy many formats of installers (MSI, NSIS, Install Shield, and Inno Setup), and it can execute commands and scripts. In this tutorial, we'll see how to set up a WPKG environment in Active Directory.

Author
Recent Posts

Riccardo Bicelli

Riccardo is a system administrator and software developer for small and mid-size businesses in Italy.

Latest posts by Riccardo Bicelli (see all)

Tactical RMM: Open Source remote monitoring and management for Windows - Thu, Jan 27 2022
Use OpenSSL-based software XCA as offline root certificate authority for AD Certificate Services - Wed, Jan 27 2021
Deploy software with WPKG and Active Directory - Tue, Dec 8 2020

Contents

Requirements
What is WPKG-GP?
Set up Wpkg-GP
WPKG hosts and profiles database
Useful resources
Conclusion

Requirements ^

The basic requirement for a working installation of WPKG is to create a share accessible in read mode from your computers.

If you want to collect logs for further processing, it is advisable to create a Logs subdirectory, accessible in write mode from WPKG clients, in order to store the log files.

First, grab a copy of WPKG from the official website, unpack the zip file to a directory on your server, and then set up an SMB share (for example, \\myserver\wpkg).

What is WPKG-GP? ^

WPKG-GP is a client that runs as a Group Policy extension and displays messages regarding WPKG progress on the machine logon screen. We will deploy WPKG-GP at first via GPO using WPKG mechanisms. To do so, we have to set up a package in the WPKG tree.

Once you have obtained the WPKG-GP setup, copy WPKG-Gp-%version%_%architecture%.exe to the packages/WPKG-GP directory.

WPKG tree on server

You can download WPKG-GP from its GitHub releases page.

Set up Wpkg-GP ^

Create the WPKg-GP.ini file

Create the file packages/WPKG-GP/WPKG-Gp.ini. This will be your WPKG configuration file pushed by the installer. You'll have to edit the lines highlighted in bold, according to your environment.

[WpkgConfig]
EnableViaLGP = 1
IgnoreGroupPolicy = 0
DisableAtBootUp = 0

**WpkgCommand = \\myserver\wpkg\wpkg.js /synchronize**

WpkgVerbosity = 1

WpkgMaxReboots = 10
WpkgRebootPolicy = force

WpkgExecuteByNonAdmins = 0
WpkgExecuteByLocalUsers = 1
WpkgActivityIndicator = 1

[EnvironmentVariables]
SOFTWARE =\\myserver\wpkg\packages

Tip: You can also control some parameters via GPO. ADMX templates are available in the source package or via GitHub.

Create Wpkg-GP Package

Next, create the package file packages/WPKG-GP.xml, and change the value for the variable VERSION in order to reflect the setup version you downloaded:

<?xml version="1.0" encoding="UTF-8"?>
<packages>
<package id="wpkg-gp" name="WPKG-GP" revision="%version%">
 
    <variable name="VERSION" value=*0.17.17" />
 
    <variable name="ARCHITECTURE" value="x86" architecture="x86" />
    <variable name="ARCHITECTURE" value="x64" architecture="x64" />
 
    <check type="uninstall" condition="versiongreaterorequal" path="Wpkg-GP %version% .*" value="%version%"/>
 
    <!-- Install WPKG-GP -->
    <!-- wpkg-gp.ini contains settings such as location of wpkg.js, username/password to connect as, and the %SOFTWARE% environment variable -->
    <install cmd="%SOFTWARE%\wpkg-gp\Wpkg-GP-%VERSION%_%ARCHITECTURE%.exe /S /INI %SOFTWARE%\wpkg-gp\Wpkg-GP.ini">
        <exit code="3010" reboot="delayed" />
    </install>
 
    <upgrade include="install" />
 
    <remove
	cmd='"%PROGFILES%\WPKG-GP\uninstall.exe" /S' />
 
</package>
</packages>

Create the Wpkg-GP Installation Group Policy Object

Before creating the group policy, create a wpkg-gp.cmd in your WPKG root share. Change the variables highlighted in bold to reflect your environment.

@ECHO OFF
SET SOFTWARE=\\myserver\wpkg\packages
cscript \\myserver\wpkg\wpkg.js /quiet /install:wpkg-gp

Now create a Group Policy object and link it to the organizational unit of the computers on which you want to manage software packages with wpkg.

Add a computer startup script in Computer Configuration/Policies/Windows Settings/Scripts/Startup: \\myserver\wpkg\wpkg-gp.cmd

In the same GPO, you can adjust the WPKG-GP settings.

Add WPKG gp installation to startup scripts

WPKG hosts and profiles database ^

In order to have a working installation of WPKG, you need to create a host and profiles database.

To complete this tutorial, you need at least a default profile assigned to all hosts. So let's edit the profiles.xml file at the WPKG root:

<?xml version="1.0" encoding="UTF-8"?>
<profiles:profiles xmlns:profiles="http://www.wpkg.org/profiles"
	xmlns:wpkg="http://www.wpkg.org/wpkg" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.wpkg.org/profiles xsd/profiles.xsd ">		

	<profile id="default">
		<package package-id="wpkg-gp" />
	</profile>		
	
</profiles:profiles>

Tip: You can create a single XML file per profile in the Profiles folder or use a single profiles.xml file.

Next, edit the hosts.xml:

<?xml version="1.0" encoding="UTF-8"?>

<hosts:wpkg xmlns:hosts="http://www.wpkg.org/hosts" xmlns:wpkg="http://www.wpkg.org/wpkg"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.wpkg.org/hosts xsd/hosts.xsd ">

	<host name=".+" profile-id="default" />
</hosts:wpkg>

The hosts file is processed from top to bottom, and the first profile match will be applied. This means that every profile you create must contain the wpkg-gp package, or it will be uninstalled at every reboot.

For example, you can create a workstations profile:

<?xml version="1.0" encoding="UTF-8"?>
<profiles:profiles xmlns:profiles="http://www.wpkg.org/profiles"
	xmlns:wpkg="http://www.wpkg.org/wpkg" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.wpkg.org/profiles xsd/profiles.xsd ">		

	<profile id="default">
		<package package-id="wpkg-gp" />
	</profile>
	
	<profile id="workstations">
		 <depends profile-id="default" />
		 <package package-id="7zip" />
	</profile>
	
</profiles:profiles>

If you have naming conventions for your hosts, assigning profiles is a breeze. Your hosts.xml could look like this:

<?xml version="1.0" encoding="UTF-8"?>

<hosts:wpkg xmlns:hosts="http://www.wpkg.org/hosts" xmlns:wpkg="http://www.wpkg.org/wpkg"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.wpkg.org/hosts xsd/hosts.xsd ">

	<host name="WKS.+" profile-id="workstations" />
	<host name=".+" profile-id="default" />
</hosts:wpkg>

Wpkg GP in action at logon screen

Useful resources ^

The WPKG wiki contains many silent installers.

If you want to give users more control over Wpkg-GP operations, you could consider adding the Wpkg-gp-client.

There's a web application called WPKG Express 2 that can be used to manage WPKG configuration and packages. It also offers reporting.

Subscribe to 4sysops newsletter!

Conclusion ^

Even if WPKG looks like an old project, it is still a good deployment tool, designed with simplicity in mind. At first glance, silent installer creation could seem difficult, but after some practice it will become easier than many other similar products.