April 17, 2008
UPDATE: Check out our CAB Signing Tool if you need to sign CAB files with your own certificate.
A recurring question I get is how to test and demo the software distribution capabilities of MDM.
People generally run into errors with importing test CAB files because the DM does not trust the signature the CAB was signed with – or the CAB is simply unsigned. First thing to note is the software distribution server can only import signed CAB files. You cannot disable this feature (as of this writing anyway.) The root certs of the certificate that signed the cab file must be in the Trusted Publisher store on the DM server. In most cases you will have to manually put it there.
If you have several unsigned apps, create a cert from your MDM CA and use that for signing all the CABs. The steps for how to do that are in a CAB Signing document on the Connect site or came with your MDM product documentation.
If you would like to do a quick test without going through the self signing cert process, you can deploy a Microsoft signed CAB like Live Search. You can download the Live Search cab here.
You will need to prep your DM server to trust the certs and CA used to sign the live search cab. Here’s the steps to do that on your DM server.
Once the CAB is imported you can simply follow the steps in the operations guide for how to deploy the application to your devices using the MDM software deployment MMC.