InspectionXpert OnDemand 2.0 is a “Smart Client” application that utilizes Microsoft’s ClickOnce technology to combine the advantages of a “thin client” (e.g. no install, auto update) and a “fat client” (e.g. high performance, high productivity). Because ClickOnce is a relatively new technology, we have created this guide to help executives, IT administrators, and staff; understand how deployment of InspectionXpert OnDemand 2.0 is different from traditional software installations.
Why use ClickOnce?
Efficient deployment
ClickOnce technology enables InspectionXpert OnDemand 2.0 to run in the Internet security zones on the end user's computer which enables the software to be installed without elevated permissions on the computer. ClickOnce technology also makes it possible for InspectionXpert OnDemand 2.0 to be a self-updating application that can check for newer versions as they become available and automatically update to the latest version. These advantages minimize the hidden cost of software, which is the burden on IT to deploy new applications or software upgrades to existing applications.
Administrator control
ClickOnce also makes it possible for administrators to control InspectionXpert OnDemand 2.0’s update behavior, for example, marking an update as mandatory. Updates can also be rolled back to an earlier version by the end user or by an administrator.
Security
InspectionXpert OnDemand 2.0 is signed with our secure digital signature from a trusted certificate authority and no user data ever leaves your local environment. Only license validation and software updates are sent over the network. All project data (e.g. drawing files, specifications, etc) is stored in your local file system.
As you can see, ClickOnce provides an efficient, low impact, and secure means of deployment onto any Windows PC. In most cases, IT administrators do not have to do anything to deploy InspectionXpert OnDemand 2.0. Typically, the user clicks on the link and InspectionXpert OnDemand 2.0 is downloaded and launched. In highly restricted computer networks, (e.g. networks in ITAR controlled facilities), some minimal configuration may be required. The remainder of this document is technical in nature and is intended to provide the information needed for IT administrators to ensure smooth deployment of InspectionXpert OnDemand 2.0 in those highly restricted environments.
.png)
Quick Start Guide
Scenario 1: Connection through a firewall
In typical IT environments, firewalls will not block InspectionXpert OnDemand 2.0. Simply use a compatible browser to visit our secure site and begin using InspectionXpert OnDemand 2.0.
Scenario 2: Connection through a proxy server
This is a more complex case and some configuration may be necessary. The most common issue is the need to “whitelist” www.inspectionxpert.com, or set it as a trusted site. Further modification of a configuration file for the proxy server or permissions for certain file extensions may be necessary as well. Skip to the Troubleshooting section for more information on this.
Scenario 3: Direct connection to the Internet
This is the simplest scenario. Ensure that you have a compatible browser installed, login to our secure site, and begin using InspectionXpert OnDemand 2.0.
Background
ClickOnce was developed by Microsoft as a fast hands-off approach that allows IT departments to quickly and easily deploy software to many computers with minimal downtime and easy maintenance. It solves three major issues in application deployment: updating, impact on the user’s computer, and security permissions. These issues can seriously hamper large or small IT departments from deploying new technologies to their users; however, ClickOnce solves these issues and allows IT to quickly update and install InspectionXpert products on the fly.
With InspectionXpert OnDemand 2.0, IT departments can easily activate new user access and manage existing user’s access without having to touch the end user’s machine. This means less down time, more productivity, and instant upgrades. Upgrades can even be handled automatically. ClickOnce upgrades the necessary files as they become available on the web server, and access to new versions is as easy as logging into our secure site, and accessing a link.
ClickOnce applications are installed per user, to the users account folder. This means that the InspectionXpert OnDemand 2.0 application is not being installed to “Program Files” or other write protected folders. This also means that the application runs on its own without the need for shared libraries, preventing our software from interfering with existing applications on the machine.
Our OnDemand products are also secure. We digitally sign our application with a public/private key certificate pair from a certificate authority. This ensures that you are always downloading our application and nothing else. Also all project data is stored locally and never transmitted over the network. The only transmissions by InspectionXpert OnDemand 2.0 are for updates and software license verification. Your data is safely secured on your local machine or server environment, just like a typical .msi installed application.
Troubleshooting
While the ClickOnce deployment strategy is designed to be simple and easy, there may be some configuration required by administrators. These configurations may not be necessary, but deployment issues can be summarized into four main categories. In order of most commonly encountered first, they are: web browser choice, installation of the .NET framework, browser and proxy security settings, and local file permissions.
Web Browser
Only the following web browsers are supported:
•Internet Explorer
•Mozilla Firefox with the Microsoft .NET Framework Assistant add-on installed
.NET Framework
InspectionXpert OnDemand 2.0 was built using the .NET framework 4.0. This is often already installed on Windows 7 and Windows 8 machines. The .NET framework can be downloaded directly from Microsoft and is used by many Windows programs.
Browser and Proxy Security Settings
If InspectionXpert OnDemand 2.0 fails to run try the following troubleshooting guide related to security settings. It is listed in order of most commonly encountered issues first.
1.The following file extensions must be allowed to run from external sources:
a..application
b..manifest
c..deploy
1.If you receive a “403 Forbidden” error message when launching the application, then you must set www.inspectionxpert.com as a trusted site this is also known as “whitelisting” the site.
2.If you use a proxy server that uses the Windows user’s standard login credentials and you receive a “407 Proxy Authentication Required” error message. Then you may need to modify the local machine’s “machine.config” file by either updating or adding a system.net XML node in the file and specifying your company’s proxy address in the XML attribute called proxyaddress.
Modify “%windir%\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.config” on the client machine with the following xml.
<system.net>
<defaultProxy enabled="true" useDefaultCredentials="true">
<proxy proxyaddress=”http://<ip:port>” bypassonlocal="true" usesystemdefault="false" />
<bypasslist> <add address="[a-z]+\.inspectionxpert\.com$"/>
</bypasslist>
</defaultProxy>
</system.net>
Unfortunately, due to the limitations of Microsoft’s ClickOnce technology, if your proxy server requires login credentials that are different from the standard Windows user’s login credentials, ClickOnce will not work.
Local File Permissions
ClickOnce deployed application files are downloaded to a sub-folder of the user’s account folder, whose location depends on the version of Windows. The names of the sub-folders are proprietary to Microsoft’s ClickOnce technology so the exact folder names are unknown. Under the default environment settings, the end user will have read/write access to these folders as they are part of a user’s profile on a machine. Without read/write access, it can be expected that errors will occur when the ClickOnce technology attempts to download files. In Windows 7 and Windows 8, this folder is “C:\Users\<user account name>\AppData\Local\Apps\2.0”. In addition, InspectionXpert stores template, dictionary, and settings files in “C:\Users\Public\Documents\InspectionXpert”; so that they may be accessed by all users.