Upgrade Shopping Central

Intune

If you're planning to use Shopping with Intune you should follow the instructions on Enabling Intune integration before starting the installation of Shopping central.

To upgrade Shopping Central:

  • Copy the Shopping Central installer (ShoppingCentral.msi) to a local folder.
  • Start a command prompt with administrative privileges (Run as administrator).
  • Change directory to the folder where the Shopping Central installer was copied.
  • Run msiexec /i ShoppingCentral.msi /l*v ShoppingCentralInstall.log to start the Shopping Central install wizard:
  1. On the Welcome page for an upgrade, a pop up message is displayed indicating successful back up of files. Click OK on the popup then click Next on the Welcome page to proceed.
  2. On the Prerequisites page, ensure all checks passed and click Next.
  3. On the License Agreement page, accept the terms of the license agreement and click Next.
  4. On the Installation Type page, select Complete Install
    1. Optionally, click Enable integration with Intune.
    2. Click Next.
  5. On the Customer Information page, enter your Shopping license key and optionally enter your WSA license key.
  6. On the Custom Setup page, ensure the Install to: location matches with the current installation.  If not, click Change... and browse to the correct location and click Next.
  7. On the Database Server page, ensure the SQL Server field shows the name of the SQL server where the current Shopping database is installed. Ensure the Drop any existing Shopping Database option is unchecked and click Next.
  8. On the 1E ActiveEfficiency Server page, ensure the ActiveEfficiency Server field displays the name of the existing ActiveEfficiency server. Click Next.
  9. On the Active Directory Integration page, ensure the Active Directory Server field displays either the AD Domain or a Domain Controller that Shopping is currently using and click Next.
  10. On the Service Account page, ensure the User Name field shows the current Shopping Central service account. Enter the password in the Password field. Ensure the current Shopping Receiver service account (or group containing the Shopping Receiver service accounts) is displayed in the Shopping Receiver User name\Group field. Click Next.
  11. On the Exchange or SMTP server page, ensure the correct SMTP server name is displayed and click Next.
  12. On the SMS/System Center Configuration Manager Integration page, ensure the correct Configuration Manager Site Server is displayed and click Next.
  13. On the Admin Console Node Security page, ensure the correct Shopping and ConfigMgr database access groups are displayed and click Next.
  14. On the Shopping Management Accounts page, ensure the correct admin, report manager and license manager users or groups are displayed and click Next.
  15. On the Website Configuration page, ensure the correct Shopping Website properties are displayed and click Next.
  16. On the Shopping URL Prefix page, ensure the correct Shopping URL prefix is shown (this should be http://< hostheader >, where hostheader is the host header currently used for Shopping and defined as an alias in DNS which may be an FQDN). Click Next
  17. If you selected that Intune integration should be enabled at step d.i, on the Intune Integration page, specify the Azure tenant ID, service authentication client app ID, and Console authentication client app ID. Those values are available from Azure Active Directory after you have followed the steps detailed on the Enabling Intune integration page. Click Next.
  18. On the Ready to Install the Program page, click Install.
  19. When the installation completes, click Finish.
On this page:

Add the Shopping Central computer account to the ConfigMgr Read-only Analyst Security Role in ConfigMgr

To support Windows Servicing Assistant (WSA), the Shopping Web application pool service account requires the Read-only Analyst security role in Configuration Manager. This is required to enable it to parse task sequences using WMI. This is a one-time only manual procedure prior to after installation of Shopping Central. 

Import the 1E Shopping Central Security Role.xml   file into the Configuration Manager console to create  a role called 1E Shopping Central. This role has the same permissions as the Read-only Analyst security role.

The Shopping Web application pool service account runs in the context of Network Service, in which case if Configuration Manager and the Shopping Web service are installed:

  • on different servers then the computer$ account of the Shopping Web server must be added to the Read-only Analyst security role (or 1E Shopping Central security role if you have created it)
  • on the same server then the NT AUTHORITY\Network Service account should be added to the Read-only Analyst security role (or 1E Shopping Central security role if you have created it).

You must change the Security Scopes tab for the user from the default of Only the instances... to All Instances of the objects that are related to the assigned security roles, which will cover all existing and future security scopes. Alternatively, you can leave the default setting and add all the security scopes that you are using for task sequences and related content.

Security Scopes

Redefine HTTP Redirection

If your Shopping website previously had HTTP redirection enabled (as described in IIS Redirect) you will need to reconfigure this after Shopping has been upgraded.

Upgrade the Shopping Receivers

When upgrading 1E Shopping Receivers from versions prior to Shopping 5.6, because of the newly added support for client notification, you will need to update the 1E Shopping Receivers security role in Configuration Manager CB1810 and later. This can be done in the following way:

  1. Remove any users assigned to the existing 1E Shopping Receivers security role in Configuration Manager - noting them down for re-assigning later. If a user only has that role you will need to assign the user to a temporary role, for example Read-only Analyst.
  2. Remove the existing 1E Shopping Receivers security role from Configuration Manager.
  3. Import the 1E Shopping Receivers security role using the appropriate xml file for the version of Configuration Manager you are using.
  4. Re-assign the previous users to the new 1E Shopping Receivers security role.
  5. Unassign the users from any temporary roles.

Please refer to Preparation: 1E Shopping Receivers security role for more details.

The Shopping Receiver must be upgraded on each ConfigMgr Primary Site (including the CAS in a multi-site hierarchy), as follows:

  • Copy the Shopping Receiver (ShoppingReceiver.msi) to a local folder.
  • Start a command prompt with administrative privileges (Run as administrator).
  • Change directory to the folder where the Shopping Receiver installer was copied.
  • Run msiexec /i ShoppingReceiver.msi /l*v ShoppingReceiverInstall.log to start the Shopping Receiver installation wizard.
  1. On the Welcome page, click Next.
  2. On the License Agreement page, select  I accept the terms in the license agreement and click Next.
  3. On the Install Type page, select Upgrade and click Next.
  4. On the Destination Folder page, click Change to modify the installation folder or click Next to use the default folder shown.
  5. On the Receiver Service Account page, if you are currently using a specific service account for the Shopping Receiver, select This Account and enter the user name and password for the Shopping Receiver service account. Alternatively select Use Network Service Account. Click Next.
  6. On the Policy Refresh page, ensure the correct policy refresh option and Policy Refresh delay is selected and click Next.
  7. On the Shopping URL Prefix page, enter the correct Shopping URL Prefix (this should be http://<hostheader>, where <hostheader> is the host header currently used for Shopping and defined as an alias in DNS which may be an FQDN). Click Next.
  8. On the Default Advanced Client Flags, if 1E Nomad is being used, select Always download from DP, otherwise select Default and click Next.
  9. On the Configuration Manager Database Connection page, click next if TLS 1.0 is enabled.  If TLS 1.0 is disabled select TLS 1.0 disabled - install using TLS 1.1 / 1.2 - ensure that SQL Server Native Client 11.0 is installed before selection this option.
  10. On the Ready to Install the Program page, click Install.
  11. When the installation completes, click Finish.

Replace the Shopping Agent with the 1E Client

Shopping 6.0 uses the 1E Client (formerly named the Tachyon Agent) in place of the Shopping Agent used by Shopping 5.4 and 5.5. The 1E Client must be deployed to all computers from which users will be connecting to the Shopping portal.

The new enhanced features of Windows Servicing Assistant requires 1E Client v4.1 or later.

The Shopping module of the 1E Client (formerly named the Tachyon Agent) also provides Windows Servicing Assistant (WSA) which guides users through the preparation and execution of an OS deployment. WSA is a client-based wizard that enables users in the office or working remotely over VPN to initiate an OS upgrade or OS refresh (wipe-and-load) or to migrate data, settings and applications from an old PC to a replacement PC at their convenience. WSA Applications are created managed through the Shopping Admin console. The task sequences used by WSA have a dependency on 1E Nomad 7.0.200 , to manage content and storage of user state using custom actions that are implemented with Nomad.

1E Client (Tachyon Agent) versions offer enhanced levels of support for WSA:

  • WSA in 1E Client 5.0 with its latest Accumulated Hotfix (Patch) or 1E Client 5.1 provides the following WSA enhancements and works with Shopping 6.0 and later:

    • Support for nested Task Sequences
    • Autofill Wi-Fi passcode on Connection page if available
    • Option to disable the Location page
  • WSA in 1E Client 4.1 or 5.0 provides the following WSA enhancements and works with Shopping 5.5.200 and later:

    • Applications page includes all installed, normalized applications

    • Allow conditional download of Windows 10 upgrade packages

    • Check Windows 10 version readiness checks before upgrading

    • Perform In-place Upgrade compatibility check in WSA readiness checks

    • Allow Windows Servicing Assistant to exclude user state migration

    • Required for environments where TLS 1.0 is disabled.

  • WSA in Tachyon Agent 3.3 (now out of support) provides the following and works with Shopping 5.5.100 and later:

    • Customization of all text strings
    • Wi-Fi support for Wipe and Load Destructive deployments
  • WSA in Tachyon Agent 3.2 (now out of support) provides basic features and works with Shopping 5.5.0

The above WSA features require a full Shopping infrastructure including 1E Client deployed with the Shopping client and Nomad client modules enabled. 1E Client 5.1 onwards also includes the PXE Everywhere client module to support PXE booting of peer computers.

WSA optionally supports migration of applications in Replace and Refresh OS deployment scenarios.  1E Application Migration 3.1 requires a full  Tachyon 5.1 infrastructure, including 1E Client with Tachyon client enabled.  Customers that have purchased the WSA are licensed to use Shopping, Nomad, and Application Migration, and can therefore take full advantage of the all WSA functionality.

If you intend to use all the latest features of WSA or have disabled TLS 1.0, you must use Tachyon 4.1 or later. Please refer to  1E Client 5.1 - Welcome for more details on the 1E Client. The best way to deploy the 1E Client is to use the 1E Client Deployment Assistant, for more details please refer to  1E Client Deployment Assistant 1.5 - Welcome .

1E Client 5.1 provides client features for Tachyon, Nomad, PXE Everywhere, WakeUp and Shopping/WSA, all of which can be optionally enabled when upgrading - taking the following into consideration:

  • You should only enable the client modules for Nomad or WakeUp if you have upgraded the Nomad or WakeUp back-end servers to the latest versions.
  • Regardless of the Tachyon version you are working with you can install the 1E Client 5.1 because its Tachyon features are compatible with older versions of Tachyon Server.