How do I add the Swedish interactive user,

NT INSTANS\INTERAKTIV

or the English interactive user,

NT AUTHORITY\INTERACTIVE

or any other localised user group with write permissions to a program folder's ACL?

Is this question actually "How do I use secureObject"? I cannot use the LockPermissions Table because I understand inheritance is removed. secureObject permissions seem to require CreateDirectory rather than Directory...

+3  A: 

There is no way as such to add both account names to an ACL since they are one and the same. The name you see corresponds to a SID, and that SID is identical in both the English and Swedish localizations. In the case of the INTERACTIVE group, that SID is S-1-5-4.

I haven't followed WiX in a long while, but I expect there has to be a way to specify SIDs for ACLs instead of account names. You should never, ever rely on the account name for well-known accounts unless there is absolutely no way to avoid it. Here is a list of well-known SIDs for reference.

Edit: This post seems to provide a solution to your problem using a custom action to translate the SIDs to account names - apparently WiX doesn't out of the box support using SIDs for Permission or PermissionEx objects.

Here is a more authoritative list of well-known SIDs in Q243330 of the Microsoft Knowledge Base.

Mihai Limbășan
Thanks, I meant the interactive user in any language, so you're right that if I can use the SID that resolves to the user then I'm past the language problem. I still need a good example in WiX of how to do just this.
nray
Yup, using the SID is the fix. I've edited my answer to include new information. Perhaps you could also edit your question to better reflect what we've found out.
Mihai Limbășan
+6  A: 

With recent releases of WiX, you can retrieve the localized names of often-used built-in user and group names via a property. For example, WIX_ACCOUNT_NETWORKSERVICE contains the localized name of the Network Service account. Unfortunately, as of 3.0.4513 NT AUTHORITY\INTERACTIVE is not among them.

There exists a sample MSI custom action that creates properties for many of the built-in user and group names. Get it here. Add the CA to your WiX installer and schedule it early in the install execute sequence.

Once you have the localized account name, add a PermissionEx element to modify your directory's ACL. For example:

<Directory ...>
   <Component ...>
      <CreateFolder>
         <PermissionEx User="[SID_INTERACTIVE]" .../>
      </CreateFolder>
   </Component>
</Directory>
Paul Lalonde
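
The SID-to-name translation both answers rely on, as an added PowerShell example that is not part of either answer or of WiX: it resolves S-1-5-4 to the name used on the local machine and adds an access rule by SID without disabling inheritance. The folder path is a hypothetical placeholder, and the script assumes Windows PowerShell 5 or later running elevated.

```powershell
# Added example: grant an ACE by well-known SID so the result is the same on
# every Windows language version, and keep inherited ACEs in place.
param(
    # Hypothetical data folder used for illustration only.
    [string]$Path = (Join-Path $env:ProgramData 'ExampleApp\Data')
)

# S-1-5-4 is INTERACTIVE regardless of the display language.
$sid = [System.Security.Principal.SecurityIdentifier]::new('S-1-5-4')

# Translate() returns the name as localized on this machine,
# for example NT AUTHORITY\INTERACTIVE or NT INSTANS\INTERAKTIV.
$localized = $sid.Translate([System.Security.Principal.NTAccount]).Value
Write-Host "S-1-5-4 resolves to: $localized"

if (-not (Test-Path -LiteralPath $Path)) {
    New-Item -ItemType Directory -Path $Path -Force | Out-Null
}

$acl = Get-Acl -LiteralPath $Path

# Build the rule from the SID itself, not from the localized name.
$inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
$rule = [System.Security.AccessControl.FileSystemAccessRule]::new(
    $sid,
    [System.Security.AccessControl.FileSystemRights]::Modify,
    $inherit,
    [System.Security.AccessControl.PropagationFlags]::None,
    [System.Security.AccessControl.AccessControlType]::Allow)

# AddAccessRule merges with the existing ACEs. SetAccessRuleProtection is
# never called, so inheritance from the parent folder stays enabled.
$acl.AddAccessRule($rule)
Set-Acl -LiteralPath $Path -AclObject $acl

# Read the ACL back with identities reported as SIDs and show the new entry.
(Get-Acl -LiteralPath $Path).GetAccessRules(
        $true, $true, [System.Security.Principal.SecurityIdentifier]) |
    Where-Object { $_.IdentityReference.Value -eq $sid.Value } |
    Format-Table IdentityReference, FileSystemRights, IsInherited
```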