Create Installation Packages for Juniper Secure Connect Rollout
As a system administrator, you can also build your own rollout packages, if required. Building the rollout packages is an optional step. When you create rollout packages for Juniper Secure Connect application, you can install the application across the organization. Read the following steps to learn how you, as a system administrator can prepare the Juniper Secure Connect installer for the software rollout.
You can use an installation package for easy rollout of the Juniper Secure Connect application. You must be assigned the privileges of a system administrator to perform the following steps:
Install the Juniper Secure Connect application manually on one device. After the installation is complete, initiate a connection to the profiles to be saved for the users.
Create a folder with name
JuniperSecureConnectincluding the sub-directories as shown below (all directory are case sensitive):
C:\ProgramData\Juniper\SecureConnect\Datafolder to the following folder:
Copy your CA certificates to the following folder:
Nam_ of_juniper_secure_connect_filename.exeto the following folder:
Open the command prompt using cmd command and navigate to
C:\JuniperSecureConnectfolder path and execute the following command:
Nam_ of_juniper_secure_connect_filename.exe /s /b"C:\JuniperSecureConnect" /v"/qn EXTRACT_MSI_ONLY=1"
(Optional) To add a custom branding option, follow these steps:
cbo.inithat contains the following information:
[GENERAL] Picture=C:\ProgramData\Juniper\SecureConnect\config\cbo.bmp HtmlLocal=C:\ProgramData\Juniper\SecureConnect\config\cbo.html
Create a logo in
.bmpfile format and with
cbo.bmpfile name. The width of the image must be 328 pixels only. The height of the image can be adjusted from 24 pixels and above.
You can optionally create an HTML file with
cbo.htmlas a file name that will open if the user clicks on the logo in the application.
Now copy these three files (
cbo.html) into the following folder:
Skip this step, if you are using pre-shared key authentication method.
For EAP-TLS authentication, you must save the user certificates only with name
user.p12in below directory.
Ensure that user certificate is unique for each installation package.
You can optionally start the installation using the
.msiinstaller. Based on your choice you can also remove one of the installers (
.msi) from the folder if you want to reduce the amount of data distributed:
exe installer prompts for an interactive installation
msi installer can be silent. Following are your options for the msi installer:
Table 1: msi Installer Options
Install the application
Uninstall the application
MSI installer package
0=No shortcut on desktop, 1=Shortcut on desktop
Path for installation log
Forces a reboot of the system automatically without any user notification
Prevents a reboot from happening, a reboot is mandatory to use the application
Users will be prompted to reboot their device, a reboot is mandatory to use the application
Following is the example syntax to install the client silently with a forced reboot and save a shortcut to the application on the desktop:
msiexec.exe /I Juniper_Secure_Connect_Windows_x86-64.msi ProductLanguage=1033 NCP_CREATE_DESKTOPICON=1 /qn /log c:\RemoteAccess\installlog.log /forcerestart