[wix-users] UAC Admin permisions

Kaveesh Dashora kaveeshd at googlemail.com
Thu Mar 17 02:55:20 PDT 2016 

Hi Ronnie,

Apologies for delay, I got busy in some pre-occupations.

Below is the code which will help you in creating a Self-Elevating MSI

Step 1 Create a custom action in your MSI project, Say -
[ElevateInstallerCA]

public static ActionResult ElevateInstaller(Session session)
{
   WindowsPrincipal principal = new
WindowsPrincipal(WindowsIdentity.GetCurrent());
   bool hasAdministrativeRight =
principal.IsInRole(WindowsBuiltInRole.Administrator);
   if (!hasAdministrativeRight)
   {
       try
       {
           ProcessStartInfo processInfo = new ProcessStartInfo();
           processInfo.Verb = "runas";
   processInfo.FileName = "msiexec";
                    processInfo.Arguments = "/i \"" +
session["OriginalDatabase"] + "\"";

           using (Process wrapperProcess = Process.Start(processInfo))
           {
               wrapperProcess.WaitForExit();
           }
           session["ElevatedFromCA"] = "1";
           return ActionResult.SkipRemainingActions;
       }
       catch
       {
           //Exit Gracefully, Probably the user canceled the UAC window
           return ActionResult.UserExit;
       }
   }
   else
   {
        return ActionResult.Success;
   }
}

In your wix project where you have defined your custom actions define this
custom action:

<Binary Id="ElevateInstallerBin"
SourceFile="..\ElevateInstaller\bin\Release\ElevateInstallerCustomAction.CA.dll"
/>
<CustomAction Id="ElevateInstallerCA" BinaryKey="ElevateInstallerBin"
DllEntry="ElevateInstaller" Execute="immediate" Return="check" />

Change the InstallUISequence such that this custom action is run the first
when the MSI begins execution

<InstallUISequence>
     <Custom Action="ElevateInstallerCA"
Before="FindRelatedProducts"></Custom>
</InstallUISequence>

Hope this helps,

Let me know if you have any questions on this.

Regards,
Kaveesh

On Fri, Mar 11, 2016 at 7:46 PM, John Cooper <JoCooper at jackhenry.com> wrote:

> For my MBA, I'm working on a Named Pipe-based server-client with the
> client elevated to run the IIS calls, serialize the data into JSON, and
> feed it back to the server on the MBA.  Works pretty well, but even this
> approach requires at least temporary R/W rights on the three IIS config
> files or the API throws.
>
> --
> John Merryweather Cooper
> Senior Software Engineer | Integration Development Group | Enterprise
> Notification Service
> Jack Henry & Associates, Inc.® | Lenexa, KS  66214 | Ext:  431050 |
> JoCooper at jackhenry.com
>
>
>
>
> -----Original Message-----
> From: wix-users [mailto:wix-users-bounces at lists.wixtoolset.org] On Behalf
> Of Rob Mensching
> Sent: Thursday, March 10, 2016 5:48 PM
> To: WiX Toolset Users Mailing List <wix-users at lists.wixtoolset.org>
> Subject: Re: [wix-users] UAC Admin permisions
> Importance: Low
>
> The e-mail below is from an external source.  Please do not open
> attachments or click links from an unknown or suspicious origin.
>
> To be very clear, IIS really messed up here. They are the first Microsoft
> API I've hit where simple read requires elevation. I've threatened a couple
> different invasive solutions to the problem but never spent the cycles to
> implement any of them.
>
> tl;dr Interacting with IIS will have a subpar experience because to IIS
> made a poor design decision.
>
> _____________________________________________________________
>  Short replies here. Complete answers over there:
> http://www.firegiant.com/
>
>
> -----Original Message-----
> From: wix-users [mailto:wix-users-bounces at lists.wixtoolset.org] On Behalf
> Of Ronny Eriksson
> Sent: Thursday, March 10, 2016 3:43 PM
> To: WiX Toolset Users Mailing List <wix-users at lists.wixtoolset.org>
> Subject: Re: [wix-users] UAC Admin permisions
>
> Well to answer Kaveesh question, no i have not.
> But I would like to find a way to just find the Sites and AppPools in the
> IIS without having to use the ServerManager object since you need to be
> admin to do the connection.
> Unfortunaly, Phil, just retrieving data from that object requires Admin...
>
> So firstly I'm looking for another way to solve it.
> If not I might have to look in to doing something like u say.
>
> Ronny Eriksson
>
> ____________________________________________________________________
> WiX Toolset Users Mailing List provided by FireGiant
> http://www.firegiant.com/
>
> NOTICE: This electronic mail message and any files transmitted with it are
> intended
> exclusively for the individual or entity to which it is addressed. The
> message,
> together with any attachment, may contain confidential and/or privileged
> information.
> Any unauthorized review, use, printing, saving, copying, disclosure or
> distribution
> is strictly prohibited. If you have received this message in error, please
> immediately advise the sender by reply email and delete all copies.
>
>
> ____________________________________________________________________
> WiX Toolset Users Mailing List provided by FireGiant
> http://www.firegiant.com/
>

More information about the wix-users mailing list