Vista Packaging

3
May

New Properties in MSI 4.0, closely tied to Windows Vista & Longhorn

Posted by nhundal (0) Comment

Microsoft has released Windows Installer Service 4.0 with Windows Vista. This new version of msi engine introduces some new properties which are exclusively available to msi based installations targeted for Windows Vista & Longhorn.

MSIARPSETTINGSIDENTIFIER – The MSIARPSETTINGSIDENTIFIER property contains a semi-colon delimited list of the registry locations where the application stores a user’s settings and preferences. During an operating system upgrade, this information can be used by the setup to improve the experience of users migrating applications.

MsiLogging – This property can be used to enable automatic logging within the msi package. This propety value can be set to MSI logging parameters within the property table. Some valid values of this property would be: iwe, iwearcmpvo. Setting this property is the same as running your msi package with the /l option to create a log file. Note:You cannot use the “+” and “*” values of the /L option in the property value.

MsiLogFileLocation – This read/write property can be used to specify the name and location of the log file created by the MsiLogging Property. Not setting this property will automatically create a log file in the user’s temp location, the value of which will be set to this property.

MsiSystemRebootPending – This property is set to 1 if the target system has a pending reboot. This property can be used by setup in a launch condition to determine if a reboot is pending on the system.

MsiRunningElevated – This property is set to 1 if the msi package is being run with elevated privileges. This property is similar to using the Privileges property in msi 3.1 and earlier. MSIRESTARTMANAGERCONTROL - This property enables setup authors to specify whether the package will use the Restart Manager or FileInUse Dialog to handle locked files at installation time.

  • The default value of this property is ‘0’, which forces the setup to interact with Restart Manager in case a locked file is encountered by the msi package.
  • Setting this property to ‘Disable’ will force the msi package to use FileInUse Dialog instead.
  • This property can also be set to “DisableShutDown”, which will mitigate Restart Manager’s ability to restart the machine in case of a reboot being triggered by the windows installer package. Using this property however does not disable Restart Manager from identifying files locked by applications and displaying the Restart Manager dialog.

MsiRestartManagerSessionKey - This value of this property is set to the Restart Manager session by the Microsoft installer.

MSIDISABLERMRESTART – This property is used to determine how applications and services that have locked files that need to be updated, will be handled after the update.

  • Setting this property to ‘0’ will force all the services that were shut down during an update to be restarted and applications registered with the Restart Manager to be restarted after the update.
  • Setting this property to ‘1’ will force all the processes (services & applications) that were shutdown during an update to not be restarted.

MSIRMSHUTDOWN – This property is used to determine how applications and services that are using files affected by an update should be handled during an update.

  • Setting this property to ‘0’ will cause all the processes using files affected by the update to be shut down.
  • Setting this property to ‘1’ will force all the processes using files affected by the update to be shutdown even if they don’t respond to Restart Manager.
  • Setting this property to ‘2’ will cause the processes using files affected by the update to be shutdown only if they are registered to be restarted by the Restart Manager. If any process is not registered for a restart, then it will not be shut down.

MSIUSEREALADMINDETECTION – Setting this property to 1 will request the installer to use the actual user information when setting the AdminUser property.

Category : Vista Packaging | Blog
8
Apr

Is your Repackaged msi Foul-Proof?

Posted by nhundal (1) Comment

The art of converting legacy installation into a windows installer package is known to many and accepting the Vendor Repackaging tool’s output, a standard practice. While we create an msi package through the reverse engineering process of Repackaging, we are often content with making sure the application works and passes the User Acceptance test. But is that enough to ensure that the msi package is foul proof? The multiple auto-repair of windows installer and breaking of applications in a locked down environment are some of the issues facing system administrators today that would suggest otherwise.
Following are some key notes and best practices that one can follow to ensure that the package is foul proof:

  1. Package Clean /Test Dirty – Repackage your application on a clean machine. This will ensure that Repackaging tool picks every single file, registry key, and other system changes made by the legacy setup. If the legacy setup fails to overwrite a file or key as it is already present on the machine, your Repackaging tool will fail to capture that information. When testing your repackaged application, ensure that it is done on a dirty machine (a typical end user machine). This will not only help you identify if the repackaged application needs to be isolated due to newer versioned Shared resources, but also help find potential conflicts between your msi package and other applications on the machine
  2. Keep Data specific to the Application – The data inside your msi package should be specific to the repackaged application. Another advantage of repackaging on a clean machine is that it reduces the likelihood of junk data (data not pertaining to the application) being captured by the Repackaging tool, thus producing a clean package.  You can open the repackaged output in tools such as InstallShield Repackager to clean the msi package before building it.
  3. Use Organization wide Standards – Ensure that the logic used within the msi package is standard across the organization. Following are some recommended standardizations:      
      • Do not use hard-coded paths in the msi package, use pre-defined folders instead. E.g. Instead of using C:\ as the destination of a component or a path in a property value, use [WindowsVolume] pre-defined folder 
      • When installing to a map drive, do not assume that the map drive will exist in the environment. Create a custom action that checks to see if the map drive exists and sets its value to a property. This property should be used as the destination instead of the hard  coded map drive path
      • Set the ALLUSERS property in the Property Table to 1 for a per-machine package and ‘{}’ for a per-user package. Setting it to 2 ads an air of ambiguity
      • Set LIMITUI to 1 in the Property Table to always run the installation in a basic UI mode
      • If available, set the SOURCELIST property to a network source path where the msi package will be stored after the application is deployed in the production environment
      •  When creating custom actions, use vbscript custom actions as they are open source(can be stored and edited inside the msi package), provide for means to interact with the windows installer package via Session and Installer objects and most importantly free of any dependencies. (assuming vbscript run time is installed in the environment
      •  When deleting existing files, folders or registry keys from the system, use the RemoveFile and RemoveRegistry tables as supposed to custom actions. This will ensure that , in case of an error these changes are rolled back successfully
      •  If you must make a change on the system via a custom action, ensure that the custom action is deferred and the msidbCustomActionTypeNoImpersonate bit is set. This will ensure that the custom action inherits elevated privileges from the installed
      • Place all your custom actions in the Execute Sequence to ensure that they are invoked during silent mode and use appropriate conditions on the custom actions to only run when intended
  4. Create the Package with the User in mind – When creating the windows installer package, make reservations and or provisions for a locked down user. Also follow the windows installer best practices to ensure that new or subsequent users logging in on the machine are able to successfully use a system managed application. Following are some windows installer best practices for handling the above:   
      • Test your application for a locked down user. If necessary, give the user permissions to access folders and registry keys that the application tries to write to via the Locked Permissions table. Do not open higher level folders such as C:\Program Files, C:\Windows or C:\Windows\System32 for locked down users. Instead, set permissions on the exact sub-directory that the application needs access to:
      •  If the application has registry keys in the HKCU hive, make sure that all of these registry keys are in a single component in your msi package and one of the keys is set as the Key path. This will cause a repair when a new user logs on the machine for the first time to make the user data available to the user
      •  Components installing files to a user profile directory should contain a registry key path as supposed to a key file
  5. Validate the Package – It is important that you ICE Validate your msi package and fix any ICE Errors or warnings that you get. An ICE free package is a way to ensure that the package follows windows installer best practices. Another important step is to check for conflicts between the msi package and the target Operating system or any other applications that may co-exist with this package on the system. You can check for conflicts in your msi via Application Manager (a.k.a Conflict Solver) in AdminStudio 8.0 suite.

Category : Vista Packaging | Blog
17
Jan

How to design msi packages for Windows Vista?

Posted by nhundal (6) Comment

Microsoft has introduced a new security model called the UAC in Windows Vista. The UAC forces all users including administrators to run Windows Vista in a lock down environment. The UAC a.k.a User Access Control, locks the machine down and prompts the user to elevate privileges when a package is run.

Ideally the UI Sequence of the package is run in a locked down environment, however UAC will display a Shield icon dialog before running the Execute Sequence to ensure that the package has enough privileges to make modifications on the system. Windows Vista checks the Signature on a package when you run it. If the Signature is valid, it provides the appropriate UAC Prompt. If a package is not signed, the user gets a prompt that says the package is harmful.

MSI 4.0 Enhancements for Windows Vista

  1. Credential Free Patching – a.k.a Sticky ElevationWhile the install and uninstall require elevation of privileges for a per-machine installation, you can design the patch or upgrade to suppress the UAC prompt by performing a sticky elevation. In order to so, you will have to sign the msi package and its patch with the same certificate. The MSIPatchCertificate table in the msi package should be authored with the same certificate as the MSIPatchCertificate table in the patch or upgrade for this to work.
  2. Packages can be marked as not requiring elevated privileges. You can do this to per-user installs that do not need access to restricted components of the Windows OS.
  3. You can add “Shield” icon to your msi package to indicate that it requires elevated privileges.
  4. Elevation prompt is not displayed during a silent installation or upgrade.

Things to Keep in Mind when Creating packages for Windows Vista

Following are some of the things to keep in mind when creating msi packages for Windows Vista deployment.

  • AdminUser Property
    1. AdminUser property commonly used to check for admin rights will not work in UAC. Microsoft has decided to set this to TRUE by default for Application Compatability reasons.
    2. Use MSIUSEREALADMINDETECTION property instead
  • Custom Actions
    1. Custom Actions in the UI Sequence will run with standard user privileges
    2. For Custom actions requiring admin rights, mark custom action as Deferred – No Impersonate
  • ALLUSERS Property
    1. Set ALLUSERS to 1. Do not give the option to change it.
    2. Not setting ALLUSERS will make the package unmanaged and will disable a lot of UAC features
    3. Will not be able to perform Sticky Elevation if the msi package does not have the ALLUSERS property set in it
    4. Set the ALLUSERS property to 1 in the upgrades and patches
  • Creating a true Per User package
    1. Microsoft’s Click-Once Technology will enable you to create a true managed or per-user package.
    2. If you can not use Click-Once, then you can make your package not require elevated rights. Make the following required changes in your package to make to support a per-user install:
        1. Set the WordCountSummary property to Bit 3
        2. Do not set ALLUSERS (set it to 0 or nothing)
        3. Make sure the package only writes to user folders and HKCU registry keys.
        4. Do not add Custom Actions that require admin privileges to run on the machine
  • BootStrapper
    1. BootStrappers are detected by the Installer Detection (ID) and will receive a UAC Prompt
    2. Use a manifest file to ensure that the bootstrapper requests appropriate level from UAC
    3. Ideally MSI should handle elevation, unless you must have the bootstrapper elevate, in which case you will need the manifest file
    4. If the bootstrapper launches multiple MSIs, each will prompt the UAC dialog. To avoid this, advertise the package with /jm or Advertisement APIs with system rights, and then execute each package as a regular user

Note: The above information has been gathered from Microsoft’s Website and Webinars on Windows Vista and MSI 4.0.

Category : Vista Packaging | Blog