Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Summary

Excerpt

Installer properties and configuration settings for the Shopping client module of the 1E Client supported only on Windows computers. This module supports users connecting to the Shopping Portal, and provides the Windows Servicing Assistant (WSA).


Info

Installer properties and Configuration file settings:

Multiexcerpt
MultiExcerptNameConfigurationFileSettings

Table of Contents
maxLevel4
minLevel4
absoluteUrltrue
typeflat
separatorpipe


Enabling the Shopping client module allows the Windows Servicing Assistant (WSA) feature to be used. There are no additional settings required to enable or configure the WSA feature.

Configuration file settings are the same as the installer properties. There are no registry settings. Configuration file settings can be managed using 1E Client reconfiguration, Tachyon Explorer configuration instructions, Tachyon Guaranteed State policies, Configuration Manager baselines or other means.


Advanced Panelboxes for Confluence
nameidgrey1
titleOn this page:

Table of Contents
maxLevel3
minLevel2
indent20px
excludeSummary|On this page|In this section...
separatornewline



Note

The Shopping client module of the 1E Client replaces the Shopping Agent used by versions of Shopping before v5.5. When the 1E Client starts, if the Shopping module is enabled the 1E Client will automatically remove any previous installation of the 1E Shopping Agent.

The Shopping client module is not supported on:

  • Non-Windows devices
  • Legacy OS (that is OS which Microsoft no longer support, including XP, Vista, Server 2008 etc.)


Shopping client settings

The table below lists the settings required to enable the Shopping client required for integration with Shopping v5.5 or later. The Shopping client module must be enabled on all Windows computers that will connect to the Shopping self-service portal. 

Multiexcerpt include
MultiExcerptNameCase-AnySettings
PageWithExcerpt1E Client settings

Shopping module settingInstallation defaultDescription

Module.Shopping.Enabled

Anchor
MODULESHOPPINGENABLED
MODULESHOPPINGENABLED

false

Set the value to true to enable the Shopping module. The default value is false.

Multiexcerpt
MultiExcerptNameModuleShoppingEnabled

Shopping must be enabled so that users of a computer can use the 1E Shopping self-service portal, the Windows Servicing Assistant, and the 1E Virtual Assistant.

Note

If enabled, when the 1E Client starts it will attempt to automatically remove any previous installations of the 1E Shopping Agent.



Module.Shopping.AlternativeUrls

Anchor
ALTERNATIVEURLS
ALTERNATIVEURLS

Note

This setting is not in the template configuration file.


(blank)

Optional. A list of URLs from which the Shopping module allows launching the WSA wizard. This setting is typically used to launch WSA from a ServiceNow application such as 1E Service Catalog Connect.

Multiple URLs should be separated by pipe characters. For example  https://dev123456.servicenow.com|https//dev987654.servicenow.com

The Shopping client requests this value from the Shopping Central website  (admin console setting: AlternativeUrls ). If the request is successful the website value takes precedence even if blank, otherwise the local setting is used.

Module.Shopping.FirefoxSupportEnabled

Anchor
FIREFOXSUPPORTENABLED
FIREFOXSUPPORTENABLED

Note

This setting is not in the template configuration file.


(blank)

Optional. If this setting is not specified the value defaults to false.

This value must be set to true if LocalHostUrl is set to https and Firefox is being used to browse to the Shopping website, or to launch the WSA wizard from Shopping or third party websites like ServiceNow.

When set to true, the Shopping client set the Mozilla preference security.enterprise_roots.enabled=true which allows Firefox to see the Shopping client  certificates in the Windows certificate store. You can see this setting in Firefox about:config.

The Shopping client requests this value from the Shopping Central website (admin console setting: Firefox support enabled). If the request is successful the website value takes precedence even if blank, otherwise the local setting is used.

Module.Shopping.InitializationFailureSleepSecs

Anchor
INITIALIZATIONFAILURESLEEPSECS
INITIALIZATIONFAILURESLEEPSECS

Note

This setting is not in the template configuration file.



30

This setting controls the time the client waits before attempting to connect to the website specified in Module151426268.Shopping.ShoppingCentralUrl. If the client module fails to connect during startup, it does not initialize, and will retry at gradually increasing intervals until it is able to connect.

Range is 10 to 900, default is 30.

The log file may show this setting as InitializationRetryIntervalSecs.

Module.Shopping.LocalhostUrl

Anchor
LOCALHOSTURL
LOCALHOSTURL

Note

This setting is not in the template configuration file.


(blank)


Multiexcerpt
MultiExcerptNameLocalhostUrl

Optional. The localhost URL used by the Shopping client module to listen for localhost API calls. For example:   http://localhost:8000/ShoppingClientAgent/MachineInfo  

The Shopping client requests this value from the Shopping Central website (admin console setting: 1E Client loopback URL ).

  • if the request is successful the website value takes precedence, 
  • if the connection is successful but the request is rejected or the response is invalid then the local value is used,
  • otherwise the client fails to initialize,  an empty value is used, and the client tries reconnecting later. 

LocalhostUrl must be set to  https if ShoppingCentralUrl is set to  https , otherwise it can be  http or  https

ShoppingCentralUrlLocalhostUrl
httphttp or https
httpshttps

When LocalhostUrl uses https the 1E Client Shopping client creates the following certificates on startup, and deletes them when shutting down:

  • a self-signed certificate issued to 1ECA added to the machine's Trusted Root Certification Authorities (ROOT) store
  • a certificate issued by 1ECA issues to localhost added to the machine's Personal (MY) store.

If using https and Firefox browsers are used, then Module.Shopping.FirefoxSupportEnabled 151426268 must be set to true.

Shopping client only allows inbound connections to localhost (127.0.0.1) which prevents remote access.

See  Information provided by the Shopping client 151426268  below for details of localhost API calls.


Multiexcerpt
MultiExcerptNameFakeShoppingWebsite
The above client request process allows 1E products like Virtual Assistant to use the loopback feature without installing a Shopping website. For example, setting   Module.Shopping.ShoppingCentralUrl= https://tachyon.acme.local/Shopping  allows the client to successfully connect to the Tachyon website which then rejects the request, and the local value of LocalhostUrl is then used. To ensure this works, the specified website must reject the request with a 404 error, and not redirect, prompt or provide invalid data. 


Module.Shopping.LoopbackExemptionEnabled

Anchor
LOOPBACKEXEMPTIONENABLED
LOOPBACKEXEMPTIONENABLED

false


Multiexcerpt
MultiExcerptNameLoopbackExemptionEnabled

Optional. Default value is false. Set this value to true if users are likely to use Microsoft Edge or other Metro browsers to access the Shopping website. 

The Shopping client requests this value from the Shopping Central website  (admin console setting: Loopback exemption enabled ). If the request is successful the website value takes precedence, otherwise the local setting is used.


Multiexcerpt
MultiExcerptNameLoopbackInformation

When users connect to the Shopping Portal, the website needs to get the latest details about the local computer. Shopping may already have details from the Configuration Manager database via ActiveEfficiency, but these need to be confirmed and updated. Browser standards only allow websites to get limited information about the user and computer, therefore the website needs to make loopback calls to the local computer via the Shopping client. The following browsers permit loopback calls by default:

  • All versions of Chrome
  • All versions of Firefox
  • Non-Metro UI based Internet Explorer browsers (including legacy Internet Explorer)

If your Shopping users are using Edge and Metro Internet Explorer browsers you must enable a Loopback Exemption to allow these browsers to make loopback calls. Exemption affects the browser as a whole and is not just restricted to the Shopping website. Before enabling this option, check your corporate security policy and be aware of the implications of allowing access between browsers and the local machine. By enabling loopback, you are only setting the Edge/Metro Internet Explorer browsers to the same level of security as other browsers which allow this setting already.

If you are running an unattended install, you can use MODULE.SHOPPING.LOOPBACKEXEMPTIONENABLED for all OS but it only works on Windows 8, 8.1, 10 and Windows Server 2012 R2 and later.

Shopping client only allows inbound connections to localhost (127.0.0.1) which prevents remote access.


Module.Shopping.ShoppingCentralUrl

Anchor
SHOPPINGCENTRALURL
SHOPPINGCENTRALURL

(blank)

The URL that the Shopping client module uses to connect to the Shopping Central website. Failure to connect causes the client to fail to initialize and retry connection later.

Multiexcerpt
MultiExcerptNameShoppingCentralUrl

Example: https://shopping.acme.local/Shopping

This is the URL of the Shopping Central website, comprising:

  • scheme - either http or https
  • host header - DNS Name FQDN - this is the host header configured for the Shopping website, which is normally a DNS Name FQDN
  • port number - you do not have to provide this if using default port 80 or 443
  • path - this is always /Shopping. 


Note

This setting is mandatory when Module.Shopping.Enabled=true.


Info

The Shopping client uses ShoppingCentralUrl to make the following API calls to obtain configuration settings from the Shopping Central website.

<Module.Shopping.ShoppingCentralUrl>/WindowsServicingAssistant/GetTachyonAgentUrl
<Module.Shopping.ShoppingCentralUrl>/WindowsServicingAssistant/ModuleConfig




Information provided by the Shopping client

The following localhost API calls can be entered directly in a browser on a device that has the Shopping client module of the 1E Client enabled and correctly configured.

If the Shopping Central website binding is https then the localhost URL must also be https, otherwise it can http or https

When using an  Edge or Metro versions of Internet Explorer browser, you must set Module.Shopping.LoopbackExemptionEnabled=true.

MachineId

The following table shows example details sent by the Shopping client to the Shopping Central server. The client makes a localhost API call MachineId API to get the details, and then uses a server API call to post them to the Shopping Central website, which creates or updates the machine details in the Shopping database and returns the MachineId GUID from the database. Details are shown in the 1E.Client.log.

This call is made when a user browses to the Shopping Web Portal, and the website uses the loopback feature to query the local computer.

You can test this by entering  http://localhost:8000/ShoppingClientAgent/MachineInfo/MachineId  directly in a browser.

AttributeDescriptionExample
HostNameComputernameACME-WIN1001
HostDomainNameComputer's NetBIOS Domain NameACME
AssignedSiteConfiguration Manager client Site codeCM1
MacAddressComputer's MAC Address20-68-9D-5B-EB-73
OSVersionOS Version10.0.15063
OSArchitectureOS Architecture64-bit
OSRole

The role of the OS. Values are:

  • 1 – Workstation
  • 2 – Domain controller
  • 3 – Server
1
SccmVersionConfiguration Manager client version5.00.9012.1020
UniqueIdConfiguration Manager client GUIDGUID:04804aed-922c-4a4b-9f41-eab6592e7d83
IntuneDeviceIdIntune Device Id02c967b2-de4d-5ac1-859c-a15cb11b7638
TenantIdTenant Id6babcaad-604b-40ac-a9d7-9fd97c0b779f
TenantName

Tenant Name

ACME

Fqdn

The following example is JSON returned by the Shopping client when the Fqdn API call is made by Windows Servicing Assistant and 1E Virtual Assistant. Details are shown in the 1E.Client.log.

You can test this by entering  http://localhost:8000/ShoppingClientAgent/MachineInfo/Fqdn  into a browser. 

Code Block
{"Fqdn":"1EUKCOL1184.ACME.local"}


Checking loopback exemption on Microsoft Edge and Metro Internet Explorer browsers

The following is valid only for Windows 8, 8.1, 10 and Windows Server 2012 R2 and later.

When LoopbackExemptionEnabled=true the Shopping client will create exemptions for installed browsers on startup, and delete them when shutting down.

To check or verify exemptions, open a   command-prompt as administrator  on the computer you want to check, then run the following command.

Code Block
CheckNetIsolation LoopbackExempt -s

Output should be:

If either of these items are missing, you can manually add them by executing the following commands. Quotes may be required around the name of the app.

For IE: 

Code Block
CheckNetIsolation LoopbackExempt -a -n=windows_ie_ac_001

For Edge:

Code Block
CheckNetIsolation LoopbackExempt -a -n=Microsoft.MicrosoftEdge_8wekyb3d8bbwe

Removing

To remove an individual exemption, use -d instead of -a, for example:

Code Block
CheckNetIsolation LoopbackExempt -d -n=Microsoft.MicrosoftEdge_8wekyb3d8bbwe

The exemption from loopback restrictions can also be removed for all installed apps by using the following command:

Code Block
CheckNetIsolation LoopbackExempt –c

More information

For more information from Microsoft about CheckNetIsolation please refer to: https://docs.microsoft.com/en-us/previous-versions/windows/apps/hh780593(v=win.10).