MSI: Unable to elevate an uninstallation via ARP in Vista

  • Article

 

MSI built using WiX Installer consists of Actions that require elevation.

 

The CustomActions are not designed to run under SystemContext.

The installation/uninstallation will have to be done using an Admin command prompt. The uninstallation using Add/Remove Programs will not work due to it being not elevated.

 

WiX does not generate a bootrapper setup.exe that can be used with an embedded manifest to say RequestedExecutionLevel = "RequireAdministrator"

Also uninstallation using Add/Remove Programs will not run elevated and fails.

 

 

 

Resolution

 

Use the steps below to change the Uninstall registry key for the package you are installing such that Add/Remove programs will use a Custom Script (executed from an elevated command shell) to uninstall the product.

1. Install your package on the system.

2. Take a backup of the registry key under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{Your product}

3. Uninstall your package.

4. Set the ARPSYSTEMCOMPONENT property to 1 in property table within your package. For more information https://msdn.microsoft.com/en-us/library/aa367750(VS.85).aspx

5. Import your backup registry keys to registry table within your msi package.

6. In the registry table change the keys to a new guid such as Software\Microsoft\Windows\CurrentVersion\Uninstall\{Add New GUID} and remove WindowsInstaller=1 from HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{Your product}

 

7. Add elevate.vbs file in the msi package

 

 

To create Elevate.vbs

Set objSh = CreateObject("Shell.Application")

objSh.ShellExecute "msiexec.exe", "/x {Product Code}" , "", "runas", 1

 

8. In the registry table modify the "UninstallString" value to cscript "[TARGETDIR]elevate.vbs"

 

Now try installing and uninstalling the Msi package. I attached one sample msi package called Scripting_Elevation_setup.txt (rename it to .msi) which runs with elevated privilege from ARP on Vista. Let me know how it goes.

 

 

NOTE: Its highly recommended to set all CustomActions requiring elevation with the TypeNoImpersonate bit such that they run with elevated privilages.

Vista is capable of requesting for elevation when it determines a need for that.

The above is only a workaround that was implemented for the customer since the original developer of the MSI was not available to troubleshoot.

More Information

Set No Impersonate to run Custom action on Vista

https://msdn.microsoft.com/en-us/library/aa368069(VS.85).aspx

Custom action on vista

https://blogs.msdn.com/heaths/archive/2006/09/26/Custom-Actions-under-UAC-in-Vista.aspx

Elevation through Script on Vista

https://blogs.msdn.com/aaron_margosis/archive/2007/07/01/scripting-elevation-on-vista.aspx

 

 

 

 

Contributor : Ravi Shankar