I am currently in the process of installing Cisco anyconnect on several windows machines. I would like to make this installation as "hands off" as possible for the end users. I have the msi file to install anyconnect only, with no features such as host scan, telemetry, etc. enabled. What I would like to accomplish is to remove some of the setting check boxes or have them correctly set so that the user does not have to do anything except for install, click yes, and accept the license agreement. Is this possible using Orca to modify the MSI file? There are only 3 features you can change in the settings menu of Anyconnect. The checkboxes are as follows:
Enable automatic certificate selection
Allow (LAN) access when using VPN (if configured)
Block connections to untrusted servers
Orca can edit MSI's. It can also create transforms. The checkboxes have properties that likely can be passed at the command line:
msiexec /I foo.msi ALLOWLANACCESWHENUSINGVPN=1
or if you create a transform that sets ALLOWLANACCESSWHENSUINGVPN=1 you could say:
msiexec /I foo.msi TRANSFORMS=mytransform.mst
The name of the property and whether it can be passed at the command line depends on how the installer was created.
Related
while uninstalling one msi package through control panel. In task bar i notice that the msiexec.exe with commandLine \x was not getting called but still the msi package got uninstalled. In registry where that particular software was stored in that they have provided uninstallstring in which something like this is given "MsiExec.exe /X{2012098D-EEE9-4769-8DD3-B038050854D4}".
so there are other way through which it does uninstall the software without calling Msiexec.exe??
and if it does then how ??
can someone please enlighten me on this
For Windows Installer products the UninstallString in the registry is not used. Windows simply calls the API to do the uninstall. Yes, sometimes that's a pain if you'd like to customize the uninstall to do something different, but that's the way it works.
The legacy way of adding a program to the ARP (Add/Remove Programs control panel) is to specify the uninstaller's command string (e.g. c:\app\uninstall.exe) in either of the following registry keys:
KEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall
OR
KEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall
And the path to the uninstaller is specified by the "UninstallString" value for each subkey
Installer's that do not use MSI use exactly this technique to show up in ARP to suppor uninstall.
More details here:
http://msdn.microsoft.com/en-us/library/aa372105%28v=vs.85%29.aspx
msiexec.exe is the general process used for install / uninstall task. It takes as an argument the specific program id / class id which is of the form GUID - the long hex string you posted.
Even if you don't see it executing with /x switch, it is silently passed this string when you choose to uninstall something right from control panel - the result of which is uninstallation.
I've made a custom installer / uninstaller. I register the uninstaller with the Windows Registry as described in the MSDN Library, Chaper 2. Install/Uninstall.
Namely, this means registering uninstall.exe as the UninstallString. It works, in that it runs my uninstaller. The problem is that it doesn't invoke as admin. I've set uninstall.exe's manifest to require admin using mt, and if you double-click it from explorer, it will automatically request admin as desired.
So the question is, what's the magic flag I need to set in the registry to get the Windows Add / Remove Programs dialog to run my uninstaller as admin?
You could add checking for admin privileges inside your uninstall program. Check this question for more ideas on how to do it. The easiest of the mentioned options is using a shortcut to your program and ticking the option "Run as administrator".
The other solution is to make a registry entry inside HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers and add a REG_SZ path to your executable as the value, and "RUNASADMIN" as data.
More info in this answer here.
I'm constructing a batch file that will auto-configure Windows 7's regional settings for all users.
So far, I've successfully been able to set (mostly) all of the regional settings for the current user, but I need to be able to apply the same settings to all new users. You can do this via the GUI, by going into Region and Language > Administrative > Copy Settings and selecting both checkboxes. I would like to do this programmatically, though. Does anyone know of a registry key I can set or something that will do this?
Failing that, I'll settle for a way to programmatically open the Region and Language > Administrative > Copy Settings window. I've been able to successfully open the Region and Language > Administrative window with start rundll32.exe shell32.dll,Control_RunDLL intl.cpl,,3, but I would like to eliminate one more step from the process, if possible.
Update
Sorry, I seem to have forgotten to mention how I'm applying these settings. I'm doing this by executing an exported .reg file, that contains the optimal settings, with regedit.exe /s "regional.reg"
How are you applying the settings now? Via the registry?
If you put the settings under HKEY_USERS\.DEFAULT instead of (or in addition to) HKEY_CURRENT_USER, they should be used during profile creation.
I have an installer that needs to access the registry and copy and remove files using custom actions.
In Windows XP the installer works just fine, but in Vista and 7, the installer shows an error because it cannot access a folder, but if I run the installer as administrator everything works.
So, I need the installer to be able to run the custom action as administrator even if the MSI wasnt run this way (need the installer to be run by regular users). I tried using an EXE at the beginning of my installation to modify the registry and allow the MSI to run normally but I dont think that's a very good solution.
PS. Bootstrapper is not an option due to client requirements :S
All my custom Actions are deferred and impersonate="no"
Any ideas?
Thank you
Make sure that:
it's scheduled after InstallInitialize
"Execute" attribute is set to deferred
"Impersonate" attribute is set to no
Please note that deferred custom actions cannot access the installation session, so you cannot access installer properties directly.
Your Custom Actions must be sequenced between InstallInitialize and InstallFinalize actions.
Do you get UAC prompt when you run the installer? If you perform a per-machine install, you would get UAC prompt when you click Install button in the wizard. If you don't get UAC prompt, then check ALLUSERS property is set to 2. See also Marking the Privileges for an MSI
When I run an MSI (without parameters) I usually have to click my way through dialog boxes and choose if I want to install to current user/all users, the target directory, etc etc.
What happens when I run the MSI with /qn (silent mode). How do I find what answers where automatically chosen for all those dialog boxes?
An MSI is a basically a database. You can use Orca to open it and view/change settings.
Information on Orca can be found
here.
A quick walkthrough on how
to use Orca can be found here.
Somewhat pertaining to your
question, you can edit which users
the installer will install in silent
mode. Information is here.
I hope this has at least geared you in the right direction.
Edit:
For instance, download the installer for WiX 3.0 and open it in Orca.
Go to the Property table and you will see a list of public (uppercase) and private properties.
Notice that the WIXUI_INSTALLDIR property is set to APPLICATIONFOLDER.
Go to the Directory table, you'll see that APPLICATIONFOLDER is set to have a default of "vqee3ld3|Windows Installer XML v3" or something similar.
To find which dialog sets this property, go to the ControlEvent table. Here, you'll see the InstallDirDlg fires the event SetTargetPath when the user clicks the Next control. The Argument this event sets is WIXUI_INSTALLDIR, which in turn sets APPLICATIONFOLDER
You could try editing these properties and running the installer to see how the properties are changed. If you have default properties you'd like to set you can run. For instance, close Orca to release the lock on the msi file and run:
msiexec /i Wix3.msi APPLICATIONFOLDER="C:\Program Files\WiX" /qn
More on MSI table structures in this powerpoint
It is correct that you can set PUBLIC properties via the command line. These properties are always uppercase, and generally always listed in the Property table, though this isn't guaranteed to be the case. By reviewing the Property table you should be able to decode what each public property does. If not, there is usually documentation accompanying the MSI in form of a PDF or readme.txt that can help.
With the right tool you can also view the details of each MSI dialog and check the events that have been defined to set them. This requires a tool such as Installshield or Wise.
Another possible option for silent installation is a built-in MSI feature that I have just become aware of: the AdminProperties property. See information here: http://msdn.microsoft.com/en-us/library/aa367542(v=vs.85).aspx