After some years of repackaging the Nexus Personal or BankID application from their EXE format to a customized MSI for the customers, BankID finally releases the application in MSI format.
A swedish link to a page with both a Swedish and an English PDF document about deployment in enterprise environments: http://www.bankid.com/rp/bankid-sakerhetsprogram/
The MSI can be downloaded from the regular site: http://install.bankid.com
The current release is 4.19.0 and has a new automatic update function since version 4.18.1, all described in the PDF document above. The customers that I have is still locked down in their Windows so I would prefer to remove this update function to avoid helpdesk calls…
I am in the progress of verifying that the following change in %programfiles%\Personal\config\personal.cfg will remove the automatic updates:
Two other settings I like to configure for enterprises in older releases than 4.16 and doesn’t have BankID on smartcards is to allow the user to export the BankID to the old .p12 format instead of the new and better/safer .nge format. As you might have seen, the .nge format must be placed on a USB drive, and that is not always available, certainly not from all XenApp/VDI environments.
The benefit with this method to allow .p12 is that the user can save it to a folder on their homedrive, so you always have a backup of it in the corporate fileserver and you can use it on many computers.
And you can tell BankID to search for a BankID in a specific folder, so if it exists a .pk12 BankID in the folder, it will automatically be imported!
These are the changes I do in the central file %programfiles%\Personal\config\personal.cfg:
So when the user starts BankID for the first time, it will use the central personal.cfg as a template and save it to %AppData%\Personal\Config\personal.cfg
I would recommend to do all of these settings in a MST file to the downloadable MSI file.
The last thing I always do before deploying the package to the test group, I test my BankID on this site: https://test.bankid.com/testbankidcom/