Export via CLI (Enterprise Edition only)
AppProfileSafe exports can be run from the command line for automation, scheduled tasks, and scripted deployments. The CLI is a separate executable (AppProfileSafe.CLI.exe) that runs the same engine as the GUI with native console support for output redirection and pipes.
Basic Syntax
AppProfileSafe.CLI.exe --export --manifestFile "<path>" --apps "App1,App2,..." [options]Required Parameters
| Parameter | Description |
|---|---|
--export |
Run in export mode |
--manifestFile "<path>" |
Full path to the manifest XML file to create. The directory containing this file is used as the export root. |
--apps "A,B,C" |
Comma-separated list of application names (must match definition file names without .xml) |
Optional Parameters
| Parameter | Description |
|---|---|
--silentMode |
Suppress all console output (log file only). Useful for scheduled tasks. |
--strictAppSchemaValidation |
Validate all app definitions against the XSD schema before export. Abort with exit code 1 on any validation failure. |
--preflight |
Run preflight checks only, without performing the actual export. Produces a JSON report. See What Preflight Checks Validate. |
--userSettingsFile "<path>" |
Path to a user settings file that overrides path values from the base settings.xml. Only the <Paths> block is evaluated. See Configuration: settings.xml. |
UNC Network Share Options
When the manifest path points to a UNC network share, you can provide credentials using one of two methods:
| Parameter | Description |
|---|---|
--unc-user "<user>" |
Username for UNC share authentication (format: DOMAIN\User or user@domain) |
--unc-password "<pass>" |
Password for UNC share authentication (used together with --unc-user) |
--unc-credential-store |
Read credentials from Windows Credential Manager. The target is auto-derived from the UNC share root in the manifest path. |
For scheduled tasks, store credentials in Windows Credential Manager first, then use --unc-credential-store:
cmdkey /add:\\server\share /user:DOMAIN\admin /pass:secretSee Working with UNC Paths for details.
Examples
Basic Export
AppProfileSafe.CLI.exe --export --manifestFile "C:\Backup\Manifest.xml" --apps "Firefox,Chrome"Silent Mode (for Scheduled Tasks)
AppProfileSafe.CLI.exe --export --manifestFile "C:\Backup\Manifest.xml" --apps "Firefox" --silentModeExport with Custom User Settings
AppProfileSafe.CLI.exe --export --manifestFile "C:\Backup\Manifest.xml" --apps "Firefox" --userSettingsFile "D:\Configs\test-env.xml"Export to UNC Share with Inline Credentials
AppProfileSafe.CLI.exe --export --manifestFile "\\server\share\Manifest.xml" --apps "Firefox" --unc-user "DOMAIN\admin" --unc-password "secret"Export to UNC Share Using Credential Manager
AppProfileSafe.CLI.exe --export --manifestFile "\\server\share\Manifest.xml" --apps "Firefox" --unc-credential-storePreflight Only (No Actual Export)
AppProfileSafe.CLI.exe --preflight --export --manifestFile "C:\Backup\Manifest.xml" --apps "Firefox,Chrome"Console Output
When not in silent mode, the CLI writes progress to the console using a pipe-separated format:
Type|Source|Destination|ResultWhere Type is Operation, Registry, or File, and Result is Success, Error, or Skipped.
Startup Sequence
Before performing the export, the CLI executes the following checks in order:
- Verify administrator privileges (exit code 2 if not elevated)
- Parse and validate arguments (exit code 1 on invalid input)
- Load base
settings.xml; if--userSettingsFileis provided, validate against XSD and merge path overrides (exit code 1 on validation failure) - Validate the license (exit code 3 on license failure)
- Test SIEM connection if configured and active (exit code 4 if unreachable)
- Verify audit log integrity (exit code 5 on integrity failure)
- Acquire single-instance mutex (exit code 2 if another instance is running)
- Connect to UNC share if applicable
- Validate app definitions (with
--strictAppSchemaValidation) - Execute the export
Exit Codes
| Code | Meaning |
|---|---|
0 |
Success |
1 |
User error — invalid arguments, missing files, or validation failure |
2 |
System error — export failure, I/O error, or insufficient privileges |
3 |
License error — missing, invalid, or expired license |
4 |
SIEM error — SIEM integration is active but the endpoint is unreachable |
5 |
Audit error — audit log integrity check failed |
For a full list of exit codes and their meaning, see Exit Codes.
See Also
- How to Create a Backup (GUI) — Interactive export via the GUI
- CLI Command Overview — Full command-line documentation
- Full Parameter Reference — All parameters in one table
- Silent Mode Behavior — Details on the
--silentModeflag - Export Troubleshooting — Solutions for common issues