[wix-users] Custom BA: Reading Registry Key Without User Read Permission

Wed Feb 17 10:42:04 PST 2021

Thanks Sean!  

> one from the utility exe during Detect
How is the utility exe ran in that situation?  Just write code in the bootstrapper UI to call it, let Windows handle UAC based on its manifest, and somehow consume the output?  Or is there a way to have the Detect routine call it?  Or are you saying that the exe is part of the installer chain?

-----Original Message-----
From: wix-users <wix-users-bounces at lists.wixtoolset.org> On Behalf Of Sean Hall via wix-users
Sent: Wednesday, February 17, 2021 12:05 PM
To: WiX Toolset Users Mailing List <wix-users at lists.wixtoolset.org>
Cc: Sean Hall <r.sean.hall at gmail.com>
Subject: Re: [wix-users] Custom BA: Reading Registry Key Without User Read Permission

I believe that currently people will include a utility exe with their BA so that they can detect that kind of information. This has the drawback of the user getting two UAC prompts - one from the utility exe during Detect and one from the bundle when it elevates.

In v4, there is a new concept of a bundle extension that can perform custom searches during Detect. I think it's a reasonable feature request for the extension to be able to declare that the search must run in the elevated engine, but no one's submitted that feature request yet.

The handle for Detect, Elevate, and Apply is supposed to be the window handle for your UI, Windows Installer and various other APIs that get called require one.

On Wed, Feb 17, 2021 at 10:37 AM Bryan Dam via wix-users < wix-users at lists.wixtoolset.org> wrote:

> We have a custom BA to install an extension/plugin to a Microsoft 
> product.  We need to get some connection information about that 
> product from the user and ideally verify that the service account they 
> provide can access it.  Nothing too crazy there and that's all working just fine.
> However, the idea was put forth that we should be able to 
> automatically detect a lot of that information.  We might have to 
> bounce around making some remote registry calls but the info is all 
> there.  I've got that working with a singular exception: some of the 
> registry keys do not have read only permissions for the Users group.  
> It's not my product, I'm not writing those keys, so there's nothing I 
> can do about that part.  If I right click and run the installer as 
> administrator it all works beautifully.  Any ideas on how to handle this?
>
> Auto-elevating the entire BA would obviously work but I've read those 
> threads and it seems that's just bad ju-ju even if I'm not modifying 
> anything.
>
> There's Engine.Elevate() but that intentionally doesn't elevate the UI 
> and I'm not exactly sure what handle I should be giving it.  Is it 
> possible to elevate the engine and then run elevated code using Detect/Plan callbacks?
>
> Or is this just a fools errand?
>
>        Thanks,
>              Bryan
>
> ____________________________________________________________________
> WiX Toolset Users Mailing List provided by FireGiant
> https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.f
> iregiant.com%2F&data=04%7C01%7Cbryand%40recastsoftware.com%7Ca5682
> bb70ad84ffe313808d8d366408b%7C9315bb44634846c6bd378880b87e774e%7C0%7C0
> %7C637491783412563364%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQ
> IjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=6%2FegXnFS
> %2FyoGG5IfIqY%2FY30F%2BdugRRoW%2B9cHiqkNBoc%3D&reserved=0
>

____________________________________________________________________
WiX Toolset Users Mailing List provided by FireGiant https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.firegiant.com%2F&data=04%7C01%7Cbryand%40recastsoftware.com%7Ca5682bb70ad84ffe313808d8d366408b%7C9315bb44634846c6bd378880b87e774e%7C0%7C0%7C637491783412563364%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=6%2FegXnFS%2FyoGG5IfIqY%2FY30F%2BdugRRoW%2B9cHiqkNBoc%3D&reserved=0