These are the prerequisites
- Microsoft .NET 4.5.1 or later. This article will help you work out what .NET version you have installed. If you discover that you need to install it, google for '.NET download'. Note—it has to be .NET 4.5.1 or later—plain 4.5 or 4.0 isn't good enough—Kappris relies unavoidably on calls that were only introduced at .NET 4.5.1. The latest release (at time of writing) is .NET Framework 4.8
- Kappris.x64.2.n.n.xxxx.msi or Kappris.x86.2.n.n.xxxx.msi depending on your platform
- Windows 7 only—ensure that both Microsoft patches KB3033929 and KB2921916 are installed. The first ensures that Windows 7 will behave correctly with the Kappris SHA2 code-signing certificate. If you've configured Microsoft Update to apply patches as soon as they are published then you'll already have this patch installed. The second fixes Windows so that when you tick the Always trust software from "Kutana Ltd" checkbox the setting is remembered and you never see that dialog again on subsequent installs. Unattended Kappris installation on Win7 is impossible unless both patches are installed.
- For successful unattended installation, a prerequisite is that the Kutana code-signing certificate is installed on the target machine. More detailed notes further down this page, here.
Check the prerequisites list above, ensure .NET 4.5.1 or above is installed, then at an Administrative command prompt, or otherwise running as Administrator, install Kappris. Follow the instructions here to ensure an error free install. Also see the Special Considerations section below for details about the driver certificate.
WARNING—do not attempt an unattended installation until you're certain that you can install interactively without the appearance of any Windows Security/UAC dialogs.
Kappris Core Program
If you want an unattended or silent install, you can run msiexec at the command prompt, specifying the Kappris MSI as one of its arguments, e.g.
msiexec /q /l*v logfile.txt /i \\path\to\msi\Kappris.msi KAPPRIS_CONFIG_FOLDER=\\server1\kappris
If you want an unattended or silent install, you can run msiexec at the command prompt, specifying the KapprisExtensions MSI as one of its arguments, e.g.
msiexec /q /l*vx log01.txt /i \\path\to\msi\KapprisExtensions.msi ADDLOCAL="ProductFeatureNetDocuments,ProductFeatureImanage9,ProductFeatureImanage9Workflow,ProductFeatureImanage9Print"
ADDLOCAL list, removing the product features that are not required:
Here's what the msiexec command line switches do:
/q Quiet or silent installation with no dialog prompts. Be careful with this—you'll get no visual indication if installation failed for some reason.
/l Log installation messages and events (
/l*vx means log everything, extra verbose). Follow this switch with a space and then the name of an output text file to receive the UNICODE text log.
/i Install from the msi file whose name follows the switch.
|Kappris-Specific Argument Name||Default Value||Description/Comments|
|KAPPRIS_CONFIG_FOLDER||C:\Program Files\Kutana\Kappris||There are more extensive notes on the Kappris Config Folder here. Users need read access to this folder. Kappris administrators need to be able to write to it too. You must specify this argument to end up with a usable Kappris installation.|
If you attempt an unattended Kappris installation and, for whatever reason, the installer needs to pop a dialog asking for user input, the installation will be cancelled then roll back, and you may see a 1603 error code. To prevent this happening, you need to make sure the Kutana certificate is installed on the target machine before you do the Kappris installation, and, if you're targeting Windows 7 you need to make sure the two necessary patches are installed (see bottom of page). To install the certificate, follow the instructions below:
Download this file: Kutana.cer and use the certutil command to put the certificate in the Trusted Publishers store on that machine:
certutil -addstore TrustedPublisher Kutana.cer
Alternatively you could create a Group Policy to push the certificate out from your Group Policy server to all machines matching certain criteria. This article contains further notes.
Other certificate deployment methods are described in this MS article
Access rights on folders:
|Windows Server 2008 R2||Ensure that the LOCAL SERVICE user has full control rights to the C:\Windows\System32\Spool folder, otherwise when you print via Kappris the job will disappear without actually printing to the target printer. We saw this issue at case 2860.|
Because the Kappris MSI installs the Kappris printer driver, if you install Kappris interactively on a machine that has:
- never had Kappris installed on it before or
- had an earlier Kappris version that was signed using an SHA1 certificate instead of the new SHA2 certificate
…then the installer will cause a Windows Security dialog like this one to appear:
During an interactive installation, you should tick 'Always trust software from "Kutana Ltd"' and then when you click [Install] the driver will be installed. This action also caches the Kutana certificate in the Trusted Publishers certificate store on the target machine, so the next time you attempt a Kappris installation the Windows Security dialog won't appear. Unfortunately on Windows 7 there is a bug in this behaviour, so that even though you ticked the 'Always trust' checkbox, the state of the checkbox isn't remembered, and the next time you do an installation you'll get the same warning dialog again. This bug will break unattended installation because it will cause the installer to pop a dialog that will automatically be canceled. The fix for that bug is in Microsoft patch KB2921916
If you're running Windows 7 and you see this scary dialog it means you haven't yet applied the prerequisite Microsoft patch KB3033929, which means Windows can't verify the goodness of the SHA2 certificate used to sign the Kappris printer driver:
Updated page available here