Guidelines for Packages
Because User Account Control (UAC) in Windows Vista restricts privileges during an installation, developers of Windows Installer packages should not assume that their installation always has access to all parts of the system.
An installer package that can be successfully deployed to standard users via Group Policy should in most cases also work with UAC in Windows Vista. Exceptions to this can occur if the InstallUISequence table contains the LaunchConditions action or the LaunchCondition table contains a condition based on the Privileged property. Windows Installer package developers should therefore adhere to the following guidelines to ensure their package works with UAC and Windows Vista.
- When including an installation context condition with an action in the InstallUISequence table, use a conditional statement based on the Privileged property. Do not use a condition based on the AdminUser property.
- When including the installation context with the installation launch conditions, use a Custom Action Type 19 in the InstallExecuteSequence table and make the custom action conditional upon the Privileged property. Do not use an action in the LaunchCondition table with a condition based on the AdminUser property or Privileged property.
- To read or modify the system configuration, use a deferred execution custom action in the InstallExecuteSequence table. Do not use immediate execution custom actions in the InstallUISequence table to modify the system configuration.
- To modify parts of the system that are not user specific, use a deferred custom action in the InstallExecuteSequence table. You should include the msidbCustomActionTypeNoImpersonate bit in the custom action type.
- Omit Bit 3 from the value of the Word Count Summary Property to indicate that the package can be required to be elevated. Do not include this bit unless elevated privileges are not required to install this package.
- Include a manifest with the application's Requested Execution Level.
- Include a certificate in the MsiPatchCertificate table of original package and sign all patches with the same certificate.
- If elevated privileges are required to install a Windows Installer package, the author of the package should include the ElevationShield attribute for the PushButton control used to start the installation. This will alert the user that clicking on the button will display the UAC dialog box requesting administrator authorization to continue the installation.
- Set the MSIDEPLOYMENTCOMPLIANT property to 1 to indicate to the Windows Installer that the package has been authored and tested to comply with UAC in Windows Vista. If this property is not set, the installer determines whether the package complies with UAC.
Outside of Group Policy, the following check for UAC compliance can be used on Windows XP.
To check for UAC compliance outside of Group Policy
- Log on to the computer as an administrator.
- Advertise the package for a per-machine installation:
msiexec /jm package.msi
- Log off the computer.
- Log on to the computer as a standard user.
- Attempt to install the advertised package:
msiexec /i package.msi
- In most cases, if the installation is successful, the package is UAC compliant.
- Set the MSIDEPLOYMENTCOMPLIANT property in the package to 1.
- Test for correct installation of the package using Windows Vista.