Welcome to WAPT’s official documentation by Tranquil IT, last compiled on 2023-09-21.

Click here for a PDF version of the complete documentation.

WAPT is a software and configuration deployment tool that may be compared to Microsoft SCCM (now called MECM), Ivanti UIM, IBM Bigfix, Tanium, OPSI, PDQDeploy, or Matrix42. WAPT exists in two flavors, WAPT Discovery and WAPT Enterprise.

Main benefits

For System Administrators:

• Install software and configurations silently.

• Maintain up to date an installed base of software and configurations.

• Configure software at the system and user level to reduce the load on support teams.

• Remove unwanted or out of cycle software and configurations silently.

• Reduce your need for support by your IT teams, whose reaction times are often long because of their workloads.

• Reduce as much as possible the consumption of bandwidth on remote sites to preserve it for productive uses.

For IT Security Officers

• Pilot the software installed base to converge to a security standard acceptable to the organization.

• Prepare your enterprise for the coming GDPR and help your DPO keep his register of data processing, because you two will become close colleagues.

• No longer tolerate hosts operating in Administrator mode.

• No longer tolerate users downloading and running software binaries from their home directory.

• Start applying SRPs, also known as Applocker or WDAC to improve application level IT security.

• Reduce the level of exposure to software vulnerabilities and lateral movement attacks.

• Bring up audit indicators for a better knowledge of the state of installed IT devices and their global security level.

• Be prompt to deploy updates to react to cyber attacks like Wannacry or notPetya.

For End-Users

• Have installed software configured to work well in the context of your Organization and trust that they will work correctly.

• Give Users more autonomy to install software safely and reliably.

• Have better working and more predictable professional systems because of standard software configurations.

Presenting WAPT

• Introduction to WAPT
  • For what purpose is WAPT useful?
  • Security Certification from French Cyberdefense Agency ANSSI
  • The genesis of WAPT
• Fundamental principles
  • Repository principle
  • Replicated repository
  • Packages principle
  • Dependency mechanism
  • Private key / Public certificate principle
• WAPT mode of operation
  • Inventory
  • Information feedback
  • WAPT common interactions
  • WAPT Agent behavior
  • Complete diagram of the WAPT operating mechanism
• WAPT Server architecture
  • Repository role
  • Inventory server role
  • Proxy role
• WAPT language and development environment
  • The strength of Python
  • The power of WAPT
• WAPT Editions and versions history
  • Currently supported versions
  • Not supported versions anymore
  • Summary of operating principles in WAPT
  • Current feature list as of 2023-09-21
  • Features coming soon
  • Main functional benefits of the Enterprise version of WAPT
  • Targeted use cases of WAPT Enterprise
  • Description of services available with a WAPT Enterprise contract

WAPT Quickstart

• 1. Quickstart - Installing the WAPT Server
  • 1.1. To read beforehand
  • 1.2. Installing WAPT server
• 2. Quickstart - Installing the WAPT Console
  • 2.1. Installing the WAPT Setup on the Administrator’s computer
  • 2.2. Generating the Administrator’s certificate for signing WAPT packages
  • 2.3. Packet prefix definition
  • 2.4. Activating a WAPT licence
  • 2.5. Creating the WAPT Agent
• 3. Quickstart - Installing the WAPT Agent

WAPT Server

• 1. Checking requirements
• 2. Installing WAPT Server
• 3. Upgrade WAPT Server
• 4. Backup WAPT Server
• 5. Restore WAPT Server
• 6. Using the WAPT Server APIs
• 7. WAPT Server Advanced Configuration
• 8. Enhancing the security of your WAPT setup - Server side

WAPT Console

• 1. How to install the management WAPT console
• 2. How to use the WAPT Console
• 3. WAPT Console advanced mode
• 4. WAPT Secondary Repo
• 5. WAPT Self Service
• 6. WAPTWUA
• 7. WADS OS deployement
• 8. WAPT Reporting
• 9. WAPT Audit Data
• 10. Enhancing the security of your WAPT setup - Console side

WAPT Agent

• 1. Managing the WAPT Agent
  • 1.1. Deploying the WAPT Agent on Windows
  • 1.2. Deploying the WAPT Agent on Linux and macOS
  • 1.3. Manual method to configure the WAPT Agent running on Linux / macOS
• 2. Updating the WAPT Agent
  • 2.1. Updating on Windows
  • 2.2. Updating on Linux and MacOS
• 3. Removing the WAPT Agent
  • 3.1. Windows
  • 3.2. Linux
  • 3.3. MacOS
• 4. WAPT Command Line Interface
  • 4.1. Using the more common functions in WAPT with the command line
  • 4.2. Using special Command Lines with WAPT
  • 4.3. Using the Command Line for user session setup
  • 4.4. Using the Command Line to create WAPT packages
  • 4.5. Using the command-lines for WaptWUA management
  • 4.6. Using the command-line for interacting with users
  • 4.7. Using the command-lines for initial setup
  • 4.8. Using the command-lines with options
• 5. Advanced WAPT configuration
  • 5.1. Description of available sections
  • 5.2. Description of available options by section
  • 5.3. Settings for using multiple repositories

Creating WAPT packages

• 1. Getting start creating WAPT packages
  • 1.1. Setting up your WAPT development and test environment
  • 1.2. Principles of creating package template from the WAPT Console
  • 1.3. Creating your first WAPT Packages
• 2. How to code WAPT packages
  • 2.1. Simple examples of commonly used setuphelper functions
  • 2.2. Improving my package
• 3. Using different IDEs for developing WAPT packages
  • 3.1. Configuring WAPT to use supported IDEs
  • 3.2. Configuring WAPT to use a custom editor
• 4. Package structure detailed
  • 4.1. The control file
  • 4.2. The setup.py file
  • 4.3. The wapt.psproj file
  • 4.4. The icon.png file
  • 4.5. The manifest.sha256 file
  • 4.6. The signature file
  • 4.7. The certificate.crt file
  • 4.8. Other files
• 5. WAPT Setuphelpers apidoc
  • 5.1. Setuphelpers for Windows
  • 5.2. Setuphelpers for Linux
  • 5.3. Setuphelpers for MacOS

Frequent problems and questions

• 1. Frequent problems and questions
  • 1.1. Updating WAPT packages from Python 2 to Python 3
  • 1.2. Resetting the WAPT Linux Server password
  • 1.3. I lost my WAPT private key
  • 1.4. My private key has been stolen
  • 1.5. My BIOS UUID bugs
  • 1.6. The WAPT Deploy utility does not work
  • 1.7. Windows does not wait for the network to be running on startup
  • 1.8. The WAPT Exit utility will not launch
  • 1.9. The WAPT Exit utility halts after 15 minutes and does not finish the installing the WAPT packages
  • 1.10. Error message when opening the WAPT Console
  • 1.11. Error message about package on the WAPT Console
  • 1.12. Problems with registering a host with WAPT
  • 1.13. Problems when enabling enable-check-certificate
  • 1.14. Problems when creating a WAPT package
  • 1.15. Frequent problems caused by Anti-Virus software
  • 1.16. I have an issue with my proxy - THttpClientSocket.SockRecv(1) read = 0
  • 1.17. Common mistakes

Appendix

• Contacting Tranquil IT
• Glossary
• Presentation of the security principles in WAPT
  • Preamble and definitions
  • Perimeter to secure
  • Description of typical user roles in WAPT
  • Description of the sensitive assets in WAPT
  • Description of hypotheses on WAPT’s working environment
  • Description of threats on WAPT’s sensitive assets
  • Description of WAPT’s security functions
  • Presentation of server authentication processes
  • Presentation of server authorization processes
  • Coverage matrices
• Presentation of cryptographic processes
  • Folders and files referenced in this document
  • Definitions of Actors
  • Summary of crypto modules present in WAPT
  • Types of PKI / CA infrastructures in a standard WAPT Setup
  • Key and certificate management for the Administrators
  • Managing the WAPT Agent’s key and certificate
  • HTTPS communication between the WAPT clients and the WAPT repositories
  • Communications between the WAPT Console and the WAPT Server
  • Process for signing a WAPT package
  • Verifying the signature of a package attributes
  • Verifying the signature of a WAPT package
  • Signing immediate actions
  • Verifying the complete download of a WAPT package
• (For software editors) Applying best practices to packaging software
  • Environment variables
  • Program directories
  • Logs
  • Error codes
  • Printing
  • Distribution
  • Update
  • Version numbers
  • GPO
  • License dongles
  • Networking
  • PDFs
• WAPT release Strategy
  • Release delay between the Enterprise and the Discovery versions
• Security bulletin
  • WAPT-2021-01 : CVE-2021-38608
• Changelog
  • WAPT-2.4 Serie
  • WAPT-2.3 Serie
  • WAPT-2.2 Serie
  • WAPT-2.1 Serie
  • WAPT-2.0 Serie
• WAPT End user License Agreement
  • Definitions
  • Grant of rights
  • No derivative works
  • Ownership
  • Confidentiality
  • Disclaimer of warranties
  • Limitation of liability
  • Indemnification
  • Termination
  • Updates and support
• External component licenses used in WAPT