Is it possible to define a Windows Installer-uninstaller filename? [duplicate] - windows

This question already has answers here:
The UAC prompt shows a temporary random Program Name for msi, can the correct name be displayed?
(2 answers)
Closed 5 years ago.
Hi!
Would somebody answer my question, please?
I need an user-friendly WIX uninstaller filename, how to achive it?
It looks like windows set an artificial name which looks like a password :)
Thank you very much.

UPDATE: It appears signing the MSI with signtool.exe and the /d switch will change this behavior as explained in these answers
(thanks to Phil for finding this):
The UAC prompt shows a temporary random Program Name for msi, can the correct name be displayed?
Odd 'Program name' when installing signed msi installer
Slipstreaming in a relevant link: Installshield Custom Dialogue Installer
The name you are seeing is probably the random hex name assigned to a copy of the original installation database that is cached on the system in %SystemRoot%\Installer (normally C:\WINDOWS\Installer). This is a "super hidden" OS folder, and it should never be touched in any way at all.
A sample path to such a database could be: C:\WINDOWS\Installer\7da655.msi. I am pretty sure this is what you are seeing in your UAC prompt. Please verify or better yet add a picture of it to your question for other people's reference.
This cached database, with the weird name, is used during modify, repair and uninstall operations for the software in question. What WiX is showing you is in every way the correct information - it is what a system administrator might even need to see at some point. However, other setup creation tools do things differently, often showing the vendor and the product GUID instead of the full path to the cached database.
So that was the explanation - now we have to wait for one of the WiX guys to actually answer whether it is possible to change this display type. As such this is more of a comment than an answer, but it should be relevant to understand what is going on. I am also going to have a look now to see if I see any options to change this in WiX.
In my personal opinon the WiX display is superior to some of the other UAC dialogs shown for other MSI files, but I realize you find this information too detailed for your users. I suppose they could hide this path in the "more information" section.

Related

InstallShield FilesInUse

I'm using InstallShield AdminStudio 2014 (integrated in VS, but I can edit stand-alone too) and I want to close an application if it's open before installing. I have found the Custom Action KillProcess, and that works, however, it's a non-UI immediate kill of the processes no questions asked. I see the built in FilesInUse Dialog that most of us have seen before when running an install warning us to close the listed applications before continuing with a RETRY button once you've closed them. The problem is, I can't seem to find any documentation or posts online, even in the Users Guide and sample installs on how to populate the list; and what other, if any, actions are required after that. I was able to put the dialog in the UI sequence but when I select retry it immediately ends the install, ignore continues. So I know I'm missing some pieces to it. At a minimum how do I populate the list of files. I know some things are not entirely obvious like KillProcess requires you to populate a semi-colon delimited property called ISTermiateProcesses and not a property of the Custom Action.
Any help on this would be greatly appreciated. I've reached out to known IS users and they didn't know how to use this feature either, many searches later, I'm posting here. This is the last step holding up a project ready for QA.
Thanks in advance...
The FilesInUse dialog is a Windows Installer thing, and Windows will populate it with the processes it can discover that are using files that will be replaced. In general you don't need to populate it. Older versions of Windows are not as good at detecting the processes using files that are to be replaced. It's not obvious why you want to kill the process if Windows hasn't found that it impacts your install, unless you have an older OS version.

List of UAC prompt triggers?

I just ran an old program I had written years ago, several years before Vista was released. Windows (7) gave me the UAC prompt and asked for permission to run it. I was surprised because it is a relatively simple program which does nothing too fancy and certainly nothing that should require elevated privileges. I then checked the directory and sure enough, Windows is overlaying the shield icon on the program.
I did a quick scan of the code and do not see anything that would obviously trigger a UAC prompt. Moreover, the program shares a framework with several other programs I had written, none of which have the UAC requirement. The program in question, as well as the others which don’t trigger the UAC prompt are all stored in the same directory on a (FAT32) flash-drive.
The only really unique thing about this program that differs from the other, nearly-identical programs is that it uses ShellExecute to allow the user to launch the default web-browser to open selected URLs, but I can’t imagine if/why that would actually require elevated permissions.
Now I am trying to find some sort of information about what kind of heuristics Windows uses to determine whether it should use the UAC prompt or not. I know that old installers usually trigger the prompt, but those are usually called setup.exe or install.exe, while this has a pretty innocuous name (udb.exe). I suspect that it is detecting certain function calls or some such (of course, that would mean that Windows Explorer reads and disassembles the of all executable files which seems doubtful).
I assumed that there would exist some information on this, but the research I did only found a few off-site discussions (no mentions in the “similar question” lists above or to the right), which listed a few causes, none of which seem to apply:
A specific request of the program (which is not possible since it was written before UAC existed),
Lack of manifest (which it does have and would not explain why the other programs don’t trigger it)
An internal list of filenames/paths (not applicable here)
Source (again, that doesn’t explain the other programs being okay)
Access to restricted files/registry keys (not applicable here either)
Resource entries (again, the other programs share common resource data)
Other system-related activities (again, not applicable to the program)
I eventually found a few related questions like one that asked what I am, but that ended up with a completely different outcome which is of no help here, or another one which asked a similar, yet opposite question of equally no help. Unfortunatly, the best question I found was about an installer/updater (which of course, does not apply here), and was also no help because the answers were just the same old information I had found on other sites and listed above.
Does anybody know of a list of UAC triggers or some other way to figure out why Windows would think that some programs would needs elevation? Is there a list of restricted API functions or something?
To be clear, I am trying to find out why Windows is flagging one program for UAC, but not another, similar one.
Original Answer (2014 July 04)
A search for UAC heuristics yields this blog entry: Identification of Administrative Applications. On that page:
The O/S makes a decision that the application looks like an installer or updater and will automatically invoke elevation to run the program with administrative permissions/privileges when a user runs it.This decision is based on a heuristic. Here are some of the heuristic detection points, although this list is not exhaustive:
File name detection – looks for the words “setup”, “update”, “install” in the filename
SxS Manifest word detection – looks for well-known values in the assembly name attribute program’s SxS Manifest
String table detection – looks for well known values in the string table within the resource section of an executable
Thus Xearinox is simply not correct that it is completely based on permissions.
One way you may be able to find out why your program is triggering the UAC prompt is to use Process Monitor and check for permission errors.
Update (2020 July 29)
Searching yields an updated documentation page:
How User Account Control Works
There is an Installer detection technology section at the bottom of that page that contains the following information (similar to the list above):
Before a 32-bit process is created, the following attributes are checked to determine whether it is an installer:
The file name includes keywords such as "install," "setup," or "update."
Versioning Resource fields contain the following keywords: Vendor, Company Name, Product Name, File Description, Original Filename, Internal Name, and Export Name.
Keywords in the side-by-side manifest are embedded in the executable file.
Keywords in specific StringTable entries are linked in the executable file.
Key attributes in the resource script data are linked in the executable file.
There are targeted sequences of bytes within the executable file.

How do I do whatever it was that the Windows Installer CleanUp Utility did?

Microsoft's "Windows Installer CleanUp Utility" could be used to help fix broken installations of MSI-installer based products. When the installer failed in some strange way and left corrupt data behind, so bad that even Add/Remove Programs couldn't help, you could often fix things by running this utility and then running the application's installer again.
I just discovered that Microsoft announced a couple weeks ago that they were discontinuing this utility. They didn't merely say "we're not supporting it anymore"; they seemingly removed it from their site entirely.
I have to support a Windows program for a whole bunch of users. Given the number of users, every so often something will go wrong, and this program has been invaluable for me, as a last-ditch line of defense.
I know I could point customers to some third party site that has a cached copy of it, but this seems dangerous (malware potential and such).
So, are there any replacement products? Or, if not, how can I myself do whatever it is that this program did?
To be clear, I'm not asking for help like "how do I programatically modify the registry". I can do that fine. But I need to know what in the registry needs to be modified.
Thanks in advance.
Windows Installer CleanUp utility was never intended to be used in the wild. It was only meant to be used by software developers. If you occasionally have end users needing to use WCU you have some serious installer quality issues that should be addressed.
WCU only removes the Windows Instaleller meta data and doesn't actually uninstall any software. This leaves the machine in a very dirty state. These days with test labs becoming virtualized there's no reason to have this tool anymore. You just roll back to a prior snapshot and keep on working.
I've seen all kinds of online forums full of users who think they know what they are doing ( and don't ) suggest using WCU to solve various problems so in the end Microsoft decided to try to get the horse back in the barn.
I have old copies of WCU archived in my CM system so if you'd like me to generate checksums to help you determine if you are getting a good copy just let me know.
The cleanup utility was a wrapper around the command line utility msizap.exe, described here:
http://msdn.microsoft.com/en-us/library/aa370523%28VS.85%29.aspx#1

Installer or no installer?

There's lots of questions about installers but I haven't seen one about whether or not to actually use one in the first place.
What is the logic behind using them in the first place? Can't the user just extract it somewhere? But I guess it depends on the target user.
And on the subject of the actual setup: Can't that be done on the first startup?
It very much depends on your target audience, and what your installer needs to accomplish.
If your audience is technically savvy, and the installer just has to extract some files, and create shortcuts, I probably wouldn't bother.
If you need to modify system variables, register services, etc, definitely create an installer to make life easier for your users - regardless of how technically savvy they are.
You can always offer the option of installer / no installer, and let your users decide what they want. The number of downloads and resulting support requests will tell you whether you should utilize one or not.
And on the subject of the actual setup: Can't that be done on the first startup?
uTorrent used to do this (I'm not sure if it still does... I update automatically) and I found it a little confusing at first, since I'm used to installers. For users that are possibly clueless though, it's perfect.
For more complicated applications that have multiple files installed to several locations, I think it's better to have an installer. For a series of products we produce where I work, we have several 'flavours' of installer for each product: auto-update installers can be smaller as we know the user already has prerequisites. New users, though, get a larger installer.
I can't see any reason not to use an installer. When you use something like Inno Setup, creating the installer is no more difficult than creating a zip file, and you don';t have to explain to the user how to install.
Having an installer will help your users a lot.
The application will be installed at the right place
The user won't have to set links in program files himself, or copy the extracting content you suggest in a directory
Your application will looks more professionnal
Moreover:
The user will know that using the uninstall system of windows will safely remove your application without affecting the system
You need something which can set up the registry and install prerequisites before starting the app, that's why you need an installer :)
Including a well designed installer can also add value over the lifetime of the application by enabling the application to be updated and enabling the application to be uninstalled cleanly. Eventually the user will want to uninstall the application, and the ideal is to leave their computer in the same state as prior to installation.

Don't you think writing installer programs could/should have been simpler? [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
I recently had to struggle with one installation project (which uses most popular product for creating installations: InstallShield) to make it work for product upgrades (migrating from one version to another). In the end it turned out that I needed to use one long package code but was using some other. It wasted my 8 hours (testing and debugging installers is a pain).
Now if I think about it, once you are done all the hard part of coding, all you want to is that correct applications, libraries are copied to target computer and user just runs it. Period. This apparently simple task normally turns out to be a tricky one and "being closed to finish date" makes in even harder.
Don't you think deploying a product is made damn difficult on windows which should have been simpler? (or installer really deserves that much attention and I am just being crazy about it?)
Have you ever used simpler deployment schemes such as "copy the folder to wherever you like and run the exe. When you want to remove it, just delete the folder!"? Was it effective and made things simpler?
Painful as it is you need to wrestle with the windows installer for the benefit of your customers. Otherwise you will need to do a lot more work to
Handle situations where for some reason an error occurs during the installation. What do you do next?
Handle issues like security. What if the installing user does not have rights to particular folders/registry keys?
Correctly cleanup after installation
Patching and patch management
Performing additional tasks -- registering COM objects, creating databases, creating shortcuts, creating an un-installation shotcut and so on
Installing prerequisites
Letting users choose which features to install
Your own custom scripts to solve all these problems eventually become a bigger problem than the installation itself!
I recommend that you check out Wix. It's not exactly child's play but it gets the job done. If you install Votive as a visual studio add in you get intellisense to help you strucutre the tags correctly. With the help file you can create pretty functional flexible installations
I don't think you'll see too many disagreements here, especially regarding MSI. I think one thing to keep in mind is to watch the way many programs are using MSI files these days. Displaying UI dialogs and making complex configuration choices with an MSI is very weak simply due to the way Windows Installer was designed, so I've noticed a lot of programs being split into a bunch of baby MSIs that are installed with the minimal UI by a parent setup program. The SQL Server 2008 setup wizard does this. UPS WorldShip does this. And Paint.NET does this, too--the wizard you see is a Windows Forms app, and it launches msiexec itself (you can see the minimal UI of the Windows Installer pop up on top of the white wizard window), passing any configuration parameters as property arguments to msiexec.
A common scenario where this comes up is where someone is tasked with building an installer for an application that has both server and client counterparts. If the user chooses the server option, then they may or may not want a new database to be installed, which means installing SQL Server. But you can't just install SQL Server while you're in the middle of your own installation because Windows Installer won't let you do that. So a frequent solution is to write an app that displays a wizard that allows the user to configure all of the setup options, and then your app launches the MSI files as needed for SQL Server, your server application, and your client application in the minimal UI mode; basically, eschewing the "features" aspect of Windows Installer entirely and moving it up to the MSI level. 4.5's multiple-package installations seems to be a step further in this direction. This format is also especially useful if you also need to loop in non-MSI installers from third parties as part of your installation process, like installing a printer driver for some bizarre point of sale printer.
I'll also agree that Windows Installer lacks built-in support for common deployment scenarios. It's meant for when setup isn't XCOPY, but they seem to miss the fact that setup usually isn't just "files + shortcuts + registry keys," either. There are no built-in actions for setting up IIS Web sites, registering certificates, creating and updating databases, adding assemblies to the GAC, and so on. I guess they take the opinion that some of this should happen on first run rather than being a transactional part of the install. The freely available tooling and documentation has been awful--flat out awful--for the better part of a decade. Both of these issues are largely addressed by the WiX project and DTF (which lets you finally use managed code custom actions), which is why we're all so grateful to Rob Mensching and others' work on that project.
I've had the same experience. Installation can quickly suck up your time as you go down the rabbit hole of "Oh God, I guess I have to become an expert in this too." I second the idea that's it's best to address it early on in your project and keep it maintained as part of your build process. This way, you can help avoid that scenario of having developed a practically uninstallable product. (Trac was an example of this for a while, requiring to track down specific versions of weird Python libraries.)
(I could go on about how Windows Installer sometimes decides to use my slow, external USB hard drive as a place to decompress its files, how it seems to sit there doing nothing for minutes on end on computers that have had lots of MSI installs on them, and how that progress bar resetting itself a bazillion times during a single install is the most idiotic thing I have ever seen, but I'll save those rants for another day. =)
My two cents; please note that I really just know enough about Windows Installer to do damage, but this is my assessment coming from a small business developer just trying to use it. Good luck!
Well, its a lot easier if you build your installer first, make it part of your build system, and let it grow with your project.
I agree, the windows installer drives me insane. But there are a lot of situations that xcopy just doesn't solve. Sometimes you want to install for multiple users, not just the current user. Sometimes you have to register COM objects. Sometimes you have to make a whole bunch of changes to the system, such as registering services to run at startup, connecting to network servers, etc. Sometimes you have users that can't use a command prompt. And you always want to be able to role the whole thing back when something fails halfway through.
Was the whole MSI database approach the best way of doing it? I'm not sure. Would I rather pound nails into my head than write another line of WiX code? Probably. But you have to admit, it does a good job of doing everything you could ever possibly want. And when it doesn't there is always the CustomAction option.
Really, what I would like to see, is better documentation (really, what is a type 50 action? How about giving it a name?) and a lot more easy-to-usurp templates.
And the WiX users group alias does a good job of answering questions.
You should read RobMen's blog. He does a good job explaining why things are the way they are. He has done a lot of thinking (more than any human should) about the problems of setup.
Have you looked at NSIS: http://en.wikipedia.org/wiki/Nullsoft_Scriptable_Install_System ?
And 1: Yes, 2: No
Personally, I mostly agree with #Conrad and #John Saunders. I wrote about this topic a long time ago on my old blog. I think #jeffamaphone has a point about the Windows Installer complexity (and my over attention to setup, in general ) but I believe the Windows Installer is still the best all round option for installation on Windows.
"Once you have done all the hard part of coding", you haven't done a thing if all your hard work doesn't install. Installers need to be built and tested on every nightly build, every night, almost from day one. You need to test that the installer can be built and run, and you need to verify the installation.
Otherwise, who cares how much hard work you've done coding - nobody will ever see your work if it doesn't install!
Note that this also applies to XCOPY.
Another thing: what is your QA testing if they're not testing what your installer installs? You have to test what the customer will get!
For exactly the reasons you state, we've done internal releases, handled by the dev team by copying the required files, and then done the rest of the setup using scripts and our own utilities.
However, for end users you have to have some kind of hand holding wizard, I've used the MS installer from within VS and found it confusing and clunky. After that experience I've avoided the pain by getting others to do the installation step. Can anyone recommend a good .Net installer?
I use Installshield and if you are not trying to do anything too fancy (I why would you) then it's pretty straighforward - set initial setting, select files, set up shortcuts and create setup.exe.
All future updates I handle inside my code - much more convinient to the user

Resources