How to run Process Monitor (ProcMon) inside the App-V virtual environment

  • Article

imageHi everyone, Mark Stanfill here. Running Process Monitor (ProcMon) to troubleshoot Microsoft Application Virtualization (App-V) client issues such as missing files, access denied errors or other file and registry-based issues is sometimes necessary to successfully package an application. This post details a simple method to allow you access inside the App-V virtual environment (bubble) for troubleshooting purposes. The procedure consists of 4 main steps:

1. Create a shortcut to an application

2. Edit the shortcut to launch a command prompt inside the App-V bubble

3. Launch ProcMon or other troubleshooting tools

4. Optionally fix the issue

Create a shortcut to an application

Start by identifying an executable inside the package you are investigating. To do this, launch the Application Virtualization client through Start\Run\Sftcmc.msc. In the Application Virtualization client, select Applications and identify your problem application. Right-click on the application on the right-hand pane and choose New Shortcut… . Follow the wizard's prompts to create a shortcut. On the New Shortcut - Step 1 screen, change the name to something easy to identify such as Command Prompt in ApplicationX Bubble. On the New Shortcut - Step 2 screen, click The Desktop for the location to place the shortcut. Leave command line parameters blank for now.

Edit the shortcut to launch a command prompt inside the App-V bubble

Right-click on the newly created shortcut on your desktop and choose Properties. Edit the Target: text to include the string /exe cmd.exe between Sfttray.exe and /launch. For example, this command line:

C:\Program Files (x86)\Microsoft Application Virtualization Client\sfttray.exe" /launch "DefaultApp MFC Application 1.0.0.1

Becomes:

C:\Program Files (x86)\Microsoft Application Virtualization Client\sfttray.exe" /exe cmd.exe /launch "DefaultApp MFC Application 1.0.0.1

Click Apply and OK to save the shortcut.

image

Launch ProcMon or other troubleshooting tools

Double-click on the shortcut to launch the command prompt in the App-V bubble. From the command prompt, type the full path to Procmon.exe to launch it (for example c:\temp\procmon.exe). Procmon will have full access to changes occurring inside the bubble at this point.

clip_image004

Optionally fix the issue

At this point, troubleshooting will depend on the type of application failure you are experiencing. It is possible to fix individual issues such as missing registry keys through Regedit.exe, file permissions (via cacls.exe), etc. These changes only affect the local installation of the package. To fix the issue permanently, you will need to open the package for upgrade in the App-V Sequencer, resolve the issue, then save and publish the modified application.

FAQ

Q: Why do I need a command prompt? Why can't I use Windows Explorer?

A: It is not possible to load the Explorer shell directly from App-V. Access to files is limited to command-line tools. Other GUI tools may, however be launched from the command prompt. One trick to see a full Explorer view is to launch a tool that exposes a file…open dialog such as Notepad.exe and then use that to navigate. You can launch executables through the common file dialog via the right-click context menus.

Q: Why load a command prompt and not just specify /exe ProcMon.exe directly in the command line?

A: This technique will work, but it relies on either specifying the entire path to ProcMon.exe or else putting it in a folder in the user's path. We find that most troubleshooting involves multiple tools and troubleshooting steps inside the bubble, so keeping a command prompt open rather than running multiple commands is more efficient.

Q: I have System Center Configuration Manager (ConfigMgr) in my environment. My Target: text specifies VAppLauncher.exe and adding /exe cmd.exe doesn't seem to work.

A: Replace VAppLauncher.exe with the complete path to sfttray.exe (normally C:\Program Files (x86)\Microsoft Application Virtualization Client\sfttray.exe). VAppLauncher does not support the /exe switch.

Q: How can I verify that a command prompt is inside or outside the bubble?

A: The easiest way is to type set SFT_MNT in the command prompt. This variable will not be set outside the bubble. Inside the bubble, you should see a response like SFT_MNT=Q:.

Q: Do I need to specify /externalcapture in the ProcMon command line?

A:  /Externalcapture allows Procmon to see in to the App-V bubble without first launching a command prompt in the bubble.  If all you need to do is to gather diagnostic information (i.e. you are not going to attempt to fix the issue and don’t need to run any other commands against the package), ProcMon.exe /externalcapture can be ran directly from Explorer to capture data from applications running under App-V.

Mark Stanfill | Senior Support Escalation Engineer

Get the latest System Center news on Facebook and Twitter :

clip_image001 clip_image002

App-V Team blog: https://blogs.technet.com/appv/
ConfigMgr Support Team blog: https://blogs.technet.com/configurationmgr/
DPM Team blog: https://blogs.technet.com/dpm/
MED-V Team blog: https://blogs.technet.com/medv/
Orchestrator Support Team blog: https://blogs.technet.com/b/orchestrator/
Operations Manager Team blog: https://blogs.technet.com/momteam/
SCVMM Team blog: https://blogs.technet.com/scvmm
Server App-V Team blog: https://blogs.technet.com/b/serverappv
Service Manager Team blog: https://blogs.technet.com/b/servicemanager
System Center Essentials Team blog: https://blogs.technet.com/b/systemcenteressentials
WSUS Support Team blog: https://blogs.technet.com/sus/

The Forefront Server Protection blog: https://blogs.technet.com/b/fss/
The Forefront Endpoint Security blog : https://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : https://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: https://blogs.technet.com/b/isablog/
The Forefront UAG blog: https://blogs.technet.com/b/edgeaccessblog/