Deploying Acrobat to Import Security Settings from a Server

| No Comments

Over the past few weeks I’ve had the same conversation with several customers who are trying to deploy Acrobat and Reader using the Customization Wizard but know that they will need to change the security configuration soon after deployment and then again throughout the lifetime of that particular desktop image.

Background:

Acrobat 9.0 introduces a new feature that helps users and organizations migrate existing security settings through version upgrades and across multiple machines. Settings can only be exported from Acrobat but settings can be manually imported by both Acrobat and Adobe Reader.

However, if your organization distributes security settings periodically, you can set up Acrobat and Reader to regularly check in with a server for updates to these policies. Server-based security is set up by an administrator who provides the URL from which to get security updates. Once the application is configured, Acrobat will periodically poll the server for updates and can be configured to ask the user before they get installed.

Note: Click on the images to see a larger version.

How to Deploy Acrobat to Import Security Settings from a Server

Before you begin:

  1. Download and Install the Customization Wizard 9
  2. Install a copy of Acrobat 9 Standard, Pro or Pro Extended
  3. Place the Acrobat installer files in a folder somewhere on the same computer as you installed Acrobat in step 2

The easiest was to get the registry settings created exactly the way you want them is first to set up a copy of Acrobat to work with the settings you want to deploy out to everyone else then follow the instructions here to Export Security Settings. Once you have an .acrobatsecuritysettings file, figure out where on your server you want to put it. Test it on a fresh copy of Acrobat or Reader by manually configuring it to Import Security Settings from a server as described here.

Then start the Customization Wizard 9 and follow the steps below. The steps describe ONLY what’s necessary to set up importing security settings from a server. You’ll probably want to configure other settings as well.

Go to the Registry tab and locate in the "My Computer" registry setting that corresponds to the path…

[HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\Security\cDigSig\cCustomDownload]

Then in the bottom "Destination Computer" section, Navigate to…

[HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0

Right-click on the little 9.0 folder and select "New" then "Key" from the fly out.

Add a new key called "Security"

Now right-click on the "Security" folder you just created and add a new key called "cDigSig".

Now drag the "cCustomDownload" folder from the top into the newly created "cDigSig" folder.

The "Registry" tab should now look like the image below.

Now just save the transform and you’re done. When you deploy Acrobat it will know where to look to get security updates. This all works for Reader too with no changes to the instructions.