BookingBuilder Desktop Automatic Updates

BookingBuilder Desktop has the ability to automatically download updates when they are available. By default this functionality is turned off. For security reasons many companies either do not want updates installed by an application, or they first want their IT department to verify updates before they are installed.

Enabling automatic updates is very easy: Login to our web site by clicking Customer Login above, click Edit Groups, click the group where you want automatic updates enabled (in most cases there is only one group; simply click Default in this case), and click BookingBuilder Desktop Options. Make sure Automatic Update Enabled is checked, and click Save.

When new updates are available, they will be automatically downloaded to the computer, and then BookingBuilder Desktop will display a message indicating that the update has been downloaded. When the user clicks OK, the installation will be started. The agent only has to click Next a few times; there are no options to select. Once the installation is complete, the computer should be rebooted even if the installer does not require a reboot.

"Locked Down" Computers

Many companies have their computers "locked down" so that only IT administrators can install new software. This normally means that the users (travel agents) cannot install updates to BookingBuilder Desktop. However, the configuration page described above allows you to enter a domain, login name and password to use for installing the update. When this information has been entered, the update will be downloaded to the computer, and when the agent clicks OK to install the update, the downloaded installer will be run using the provided login information. The computer is not logged in with this username, so the user is not able to run any programs with the privileges associated with this login name.

There is also an alternate, more secure method described below, which allows you to distribute updates locally and uses an encrypted file to hold the login information, so no login information has to be entered into our web site.

This functionality is only available on computers with Windows 2000, Windows XP, Windows Server 2003 and newer.

Security Considerations

For security reasons, we suggest the following:

  • Create a new login and password that has installation privileges and will be used only for installing BookingBuilder Desktop Updates
  • This login should be disabled
  • Automatic Updates should be disabled on our web site
  • When you are notified that a new update is available and you are ready to install it, enable the new login, then login to our web site, enter the domain/login/password and enable automatic updates.
  • Once the computers have been updated, immediately disable the login on your servers, and turn off Automatic Updates

While BookingBuilder Desktop uses SSL to retrieve the login and password from our web site, nothing is 100% secure. By creating a new login and keeping it disabled when not being used, you are adding another layer of security. For even more security, change the password each time you enable the login.

You are responsible for protecting your networks and you take full responsibility for any passwords that you enter into our web site. Please take all proper precautions to keep your computers safe.

When used with proper security precautions, automatic updates are a powerful feature of BookingBuilder Desktop. The ability to run the installer with separate login credentials helps you keep your computers locked down without sacrificing any BookingBuilder Desktop functionality.

Alternate Method using BBD_Update.INF File

This method is more secure than above and has more flexibility, but may require some additional work. On the web page described above, below the blanks for the login information, is a blank to specify the path to the BBD_Update.INF file. If automatic updates are enabled and you specify a location for this file, BookingBuilder Desktop will read the update information only from this file. If the file does not exist, nothing will be read and no update will take place, so you have complete control over the process.

The BBD_Update.INF file specifies the version number of BB you are going to install, the location of the installer (it must be on a server in a folder, as opposed to being downloaded from a web site), the login information, and some other options. We have a utility to create this file, and it uses AES (Rijndael) encryption, so the login information is well protected.

It works this way:

  • Create a shared folder that all workstations running BB can access. This is done on the group level, so each group can have its own file location. If you have separate offices with separate servers, the computers for each office should be in their own group so they can be told to look on their respective servers.
  • Download the BB installer and place it in this shared folder.
  • Use our utility to create the BBD_Update.INF file, and save that file to this folder as well. When using the utility, you can use a UNC to specify the location of the installer, such as "\\server\share\folder\BBD_Update.EXE"
  • Log in to the web site, edit the appropriate group, and fill in the location of this folder. Again, you can use an explicit path, such as "u:\files\BBD_Update.INF" or a UNC, such as "\\server\share\files\BBD_Update.INF".
  • Enable automatic updates, and click Save. Within 30 minutes all sets in that group will run the update installer using the specified login credentials. The update is installed, and security is maintained.
  • Once the update has been installed, disable the login name used for it, or change the password.

Additional Options:

  • By default, when BB finds a new update, it displays a message and the user has to click OK. If the user clicks Cancel, it won't try again until it is restarted. In the utility program, you can select "Run installer without prompting". If you select that, BB will immediately run the installer when it finds it. This way the user cannot click Cancel, and you ensure that the updates get installed. This works very well if you have your computers off or logged out overnight: Set the update file the night before, and when everyone logs in, the update will be installed.
  • By default, the installer shows a few "Next" buttons that require clicking to continue. The utility also allows you to select "Silent Mode". When this is selected, the installer runs to completion without prompting the user. There is no way to accidentally click "Cancel", for example. This works quite well with the above option to quickly get updates installed.

Multi-Location Considerations

  • If you have multiple locations with separate servers, you can have the computers from each location in their own group so you can specify different update instructions for each one.
  • If you prefer to have only one group, set the update file location as required for one location. The computers in the other locations will get this file specification as well, but won't be able to find the file, so they will not run the update. Once the first location has been updated, change the file specification on our web site to one valid for the second location, and continue this until all sets are updated.

Security Note

The software uses AES encryption, also known as Rijndael. This is the Advanced Encryption Standard set by the US National Institude of Standards and Technology, and is the industry standard for keeping data secure. Your login information is very, very secure in the BBD_Update.INF file.

The US has export controls on software with encryption this powerful, so please email us for information on how to get the file creation utility. As long you are not in a country where exporting this technology is illegal, we will send you the utility right away.

"Run-As" Wrapper - Manual Updates and Installations

Internally, the software uses "Run-As" functionality in windows to run the installer as another user. If you prefer to load the updates manually instead of automatically, we have a "Run-As" wrapper program that is used in conjunction with the BBD_Update.INF to allow the updates to be installed manually without revealing passwords and without having to type them at every computer.

To use this, follow the above instructions to create the BBD_Update.INF file, and then put the RunAsWrapper.exe file in the same folder. This file can be downloaded from http://www.bookingbuilder.com/files/RunAsWrapper.zip. Please note that it must be in the same folder as the BBD_Update.INF file. However, the installer can be elsewhere, as long as the BBD_Update.INF file has the correct location.

Now go to each computer where the installer is to be run, and run RunAsWrapper.exe. It will read the BBD_Update.INF file, decrypt the login information, and run the installer using those login credentials. You can easily email the path to your users, and have them run it as well, while still maintaining your security.

For new installations, you can specify a Quick Link using the BBD_Update.INF creation utility, so you can also quickly, easily and securely install new computers this way. Click here for information on creating the Quick Link.

Here is a quick summary of how to use the "Run-As" Wrapper for either new installations or updates:

  1. Identify a shared folder from which all computers in your location can run the update. The path must be same for all computers, and can be a UNC like \\server\share\public folder\RunAsWrapper.exe or can use a drive letter, such as g:\BBUpdate\RunAsWrapper.exe
  2. Save the BookingBuilder Desktop installer (BookingBuilderDesktopSetup.EXE) in this folder, typically downloaded from www.bookingbuilder.com/Release
  3. Run CreateBBUpdateInf.exe and fill in the domain, username and password blanks. The BB version is also required, but it doesn't matter what you put in there if you are using the Run-As Wrapper. If this is a new installation, you can specify a Quick Link ID, and you can also select Silent Mode if you want (this is definitely a good idea for updates). Last, specificy the location of the installer; this must be entered using a path that all of the workstations can see -- the one you identified in #1.
  4. Click Save to save BBD_Update.INF, and save it in the same folder identified in #1
  5. Open www.bookingbuilder.com/files/RunAsWrapper.zip and save RunAsWrapper.exe in the folder identified in #1
  6. There should now be 3 files in the shared folder: BBD_Update.INF, BookingBuilderDesktopSetup.EXE and RunAsWrapper.EXE. Feel free to rename RunAsWrapper to something else if you want.
  7. Start RunAsWrapper.EXE from this folder on the client workstations. It will see the INF file, decrypt it, and start the installer using the credentials and options you specified. Security is maintained, and updates are easily loaded.
  8. To have each agent easily install the update, email them simple insructions, such as: "Click Start, then Run, and enter this in the blank: \\server\share\public folder\RunAsWrapper.exe and click OK."

IMPORTANT: This will only operate on Windows 2000, Windows XP and Windows Server 2003. It will not work on older versions of Windows.

Please note that by running any of these applications, you are indicating acceptance of our license agreement. To see the agreement, run the installer in normal mode, or login to our site web site and click Edit Company; the license agreement is at the bottom of the page.


  
 
Copyright ©2004-2007 LaunchMagic.com, Inc. All rights reserved.
  Privacy Policy       Legal
 

BookingBuilder Technologies
PO Box 112
Mahopac, NY 10541
845-234-4440 Fax: 212-202-7914
E-mail: info@bookingbuilder.com