tags:

views:

643

answers:

2
+2  Q: 

Executing a custom action that requires elevation after install

I have the following wix snippet: 

<Property Id="WIXUI_EXITDIALOGOPTIONALCHECKBOX" Value="1" />
<CustomAction Id="StartAppOnExit" FileKey="Configurator.exe" ExeCommand="" Execute="immediate" Impersonate="yes" Return="asyncNoWait" />
<Property Id="WIXUI_EXITDIALOGOPTIONALCHECKBOXTEXT" Value="Configure initial settings" />
<UI>
  <Publish Dialog="ExitDialog" Control="Finish" Order="1" Event="DoAction" Value="StartAppOnExit">WIXUI_EXITDIALOGOPTIONALCHECKBOX = 1 and NOT Installed</Publish>
</UI>

Basically on the exit dialog I display a box that says: launch app. note: this app requires elevation. This all works fine except for a snag. If UAC is enabled it seems that the MSI mucks around with the user token and strips its groups, so when it tries to launch the app that requires elevation it is no longer an option.

How do I string this together to work?

I tried chucking an Impersonate="no" but its too late at that point for this to work.

+5  A: 

The UI sequence is running as a limited user, and it launches applications with a call to CreateProcess. If you use something like a WixShellExec with [WixShellExecTarget] instead, it will act like Explorer and show a UAC prompt if the target requires elevation. Or you could modify your Configurator.exe to allow being launched without elevated privileges, detect that case, and relaunch itself with elevated privileges.

For example, this should work: 

<Property Id="WIXUI_EXITDIALOGOPTIONALCHECKBOX" Value="1" />
<CustomAction Id="StartAppOnExit" BinaryKey="WixCA" DllEntry="WixShellExec" Execute="immediate" Return="check" Impersonate="yes"/>
<Property Id="WixShellExecTarget" Value="[#Configurator.exe]"/>
<Property Id="WIXUI_EXITDIALOGOPTIONALCHECKBOXTEXT" Value="Configure initial settings" />
<UI>
  <Publish Dialog="ExitDialog" Control="Finish" Order="1" Event="DoAction" Value="StartAppOnExit">WIXUI_EXITDIALOGOPTIONALCHECKBOX = 1 and NOT Installed</Publish>
</UI>
Michael Urman  2010-02-24 14:28:06
Thanks heaps, I added a sample so people do not need to navigate to the message board
Sam Saffron  2010-02-24 22:37:24
A: 

FYI, Immediate custom actions are ALWAYS impersonated (i.e. they always run as the user who executes the MSI).

I like Michael Urman's idea regarding making your Configurator.exe handle the elevation issue.

I wonder if you could also just include a manifest in your EXE so that the OS knows elevation is always required.

Bryan Batchelder  2010-02-24 15:44:53
Regarding your wonder, the problem is the combination of needing elevation, and the fact that CreateProcess cannot elevate the processes it creates. Instead CreateProcess returns ERROR_ELEVATION_REQUIRED, which custom code can handle. Windows Installer just reports the error.
Michael Urman  2010-02-25 14:31:06

related questions

Windows Installer - upgrade resuming after reboot
How do I test if another installation is already in progress?
Using InstallUtil and silently setting a windows service logon username/password
Installer gives 2732 error :Directory Manager not initialized
How do I create an installer for a .Net website, Windows Service, and more???
How to replace a file in a msi installer?
How do I deploy registry keys and values using WiX 3.0?
How to implement WiX installer upgrade?
How to refer to the path to an assembly in the GAC within registry entries added by a Windows Installer package?
MSI installer: Adding multiple properties to SecureCustomProperties
How to add a version number to an Access file in a .msi
Displaying the correct size in Windows' Add/Remove Programs
Can a .msi file install itself (presumably via a Custom Action)?
Is it feasible/sensible to wrap an InnoSetup installer inside an MSI for easier distribution via AD?
How do you find out the ProductCode from a .Net Installer class custom action
Make wix installation set upgrade to same folder
.MSI Not Always Uninstalling Previous Versions
What can cause .NET assembly registration to fail?
What does the EXE do in the Visual Studio setup project output
MSI Installer fails without removing a previous install
stopping MSI from launching an EXE in the SYSTEM context
Pushing out MSI files
Call Project Server Interface web method from an msi installer
Visual Studio Setup Project Custom Dialog
What is the best choice for building Windows installers?