Application package introduction

Application Packaging: Creation of an Installation Program for a piece of Software

Application Repackaging: Repackaging (Customized Installation) is the process of capturing the

changes made by an Installation Program (Package) and it is designed to support company standards
and distribution methods.

Benefits:

 Customized Installation (personalized)

 Reduce Support Costs
 Self-Repair
 Source Resiliency
 Unattended Install
 High Support Costs
 Fragile (easy way of) Installs & Uninstalls
 Difficult and labor Intensive deploys.

Repackaging life cycle or steps in repackaging:

 Review the packaging requirements with the projects sponsor

 Analyze the vendor package - Tech Review or Evaluation
 Repackage the application (Scripting) & Customize the package - Customization
 Test the package - Testing
 Release to end users or Deployment - Deployment

Methods of repackaging:

 Setup capture
 MSI extraction
 Copy paste method
 ISS recording

1. Windows Installer:
The Windows Installer (previously known as Microsoft Installer) is a software
component or OS service/engine used for the installation, maintenance, and removal of
software on modern Microsoft Windows systems.

Advantages:

 Advertising
 Installation on Demand
 Source Resiliency
 Repair (Self-healing)
 Rollback (Transactional operations) - State management
 Managed Shared Resources (spell checker)
 Installation in locked-down environments.

1
Windows installer versions:

Versio Included with Also available for

n
1.0 Office 2000 -
1.1 Windows 2000 RTM, SP1, SP2 Windows 95/98
Windows NT 4.0 SP6
1.2 Windows Me -
2.0 Windows XP RTM, SP1 Windows 95/98/Me
Windows 2000 SP3, SP4 Windows NT 4.0 SP6
Windows Server 2003 RTM Windows 2000 RTM, SP1, SP2
3.0 Windows XP SP2 Windows 2000 SP3, SP4
Windows XP RTM, SP1
Windows Server 2003 RTM
3.1 Windows XP SP3 Windows 2000 SP3, SP4
Windows Server 2003 SP1, SP2 Windows XP RTM, SP1, SP2
Windows XP Professional x64 Edition RTM, Windows Server 2003 RTM
SP2
4.0 Windows Vista RTM, SP1 -
Windows Server 2008 RTM
4.5 Windows Vista SP2 Windows XP SP2, SP3
Windows Server 2008 SP2 Windows Server 2003 SP1, SP2
Windows XP Professional x64 Edition RTM, SP2
Windows Vista RTM, SP1
Windows Server 2008 RTM[10]
5.0 Windows 7 RTM -
Windows Server 2008 R2 RTM

2. Introduction of tools:
Packaging Tools:

 Wise package studio

 Install shield,
 WIX
 SMS installer
 Marimba…so on

Deployment tools:

 Microsoft Systems Management Server (SMS),

 SCCM
 Altiris Client Management Suite
 Altiris Notification Server Console
 Radia
 CA-DSM

Trouble Shooting Tools

 Install rite
 Process monitor
 Orca
 Wise com capture
 Trace32 (Sms log file viewer)

2
Types of Setup Captures in Wise / Install shield:

Wise package studio:

 Virtual Capture: Creates a clean virtual OS on your computer, and the installation is
redirected in the clean virtual OS.

 Smart Monitor: Watches the installation and records the changes the installation performs.

 Snapshot: Scan the computer before and after the installation and record the differences
between the first scan and the second.

Install Shield:

 Installation Monitor : Repackager watches lower-level system activities and records related
changes made to the system by the setup(s) programs
 Snapshot: Scan the computer before and after the installation and record the differences
between the first scan and the second.

Difference Between wise package studio and Install shield:

Both tools are more or less same, but for capturing part Install Shield is good, it won’t
capture unnecessary files & registry keys and for editing the MSI or .wsi or .ism, Wise is better
because Wise GUI is good.

Bugs in Install Shield:

o GUI part
o Component rules are not clearly mentioned like in wise.
o Shortcut Icon (other than executable files)
o Directory table (INSTALLDIR)
o Create unnecessary entries while editing the MST
o Product language property won’t change in the MSI after the compilation, default
1033
o Create unwanted component & create folder entry while editing any component
o Component names
o It won’t validate the MSI if that MSI is installed in the local system

3. Introduction of MSI:

Definition: MSI is “Microsoft Windows Installer”. It is an installation, in the form of a single

file. It is actually a database that contains several tables (80+). Each of these tables contains
instructions and set-up information.

Structure of MSI:

 Product (Collection of Features)

 Features (Collection of Components)
 Sub Features (Feature inside parent feature)

3
  Components (Collection of resources that can be files, Registries and single part of
the application.)
 Key path: a resource in the component which is used to identify whether the
component installed or not in the machine.

Component rules:

o Every component should have a component GUID.

o Do not mark an editable file (like text file, word document) as a
component key path.
o Two components must not have the same key path file. The key path value
points to a particular file or folder belonging to the component that the installer
uses to detect the component. If two components had the same key path file, the
installer would be unable to distinguish which component is installed.
o No file, registry entry, shortcut, or other resources should ever be shipped
as a member of more than one component. This applies across products,
product versions, and companies.
o Never create two components that install a resource under the same
name and target location. If a resource must be duplicated in multiple
components, change its name or target location in each component. This rule
should be applied across applications, products, product versions, and companies.
o Do not create a version of a component that is incompatible with all
previous versions of the component. This rule should be applied across
applications, products, product versions, and companies.
o Do not create components containing resources that will need to be
installed into more than one directory on the user's system. The installer
installs all of the resources in a component into the same directory. It is not
possible to install some resources into subdirectories.
o Do not include more than one COM server per component. If a component
contains a COM server, this must be the key path for the component .

MSI Installation Mechanism:

 Acquisition:
The Installer first installs the feature and then progresses through the
actions specified in the sequence tables of the installation database.
These actions query the installation database and generate a script
that gives a step-by-step procedure for performing the installation.
 Execution
The installer passes the information to a process with elevated
privileges and runs the script.
 Rollback
If an installation is unsuccessful, the installer restores the original
state of the computer. When the installer processes the installation
script, it simultaneously generates a rollback script. In addition to the
rollback script, the installer saves a copy of every file it deletes during
the installation. These files are kept in a hidden, system directory.
Once the installation is complete, the rollback script and the saved files
are deleted.

Reasons why multiple MSIEXEC.exe runs on task manager while Installation:

4
 Windows Installer uses a client-server model for performing installations. Additionally for
security reasons, Windows Installer hosts DLL and script custom actions in a "sandbox"
process. Depending on how the install was initiated, one of the MSIExec processes can be the
client process (Current User). Another MSIExec process is Windows Installer service (System).

4. Command line parameters or switches:

Install Options

 /I -Installs a product
 /j -Advertise a product
u - Advertises to the current user
m - Advertises to all users of machine
g - Language identifier
t - Applies transform to advertised package
 /a - Administrative Installation
 /x - Uninstall a product

Ex: Msiexec /I “adobe.msi” /l*v c:\Install.log /QB!

Display Options (during Installation & Uninstallation)

 /quiet - no user interaction

 /passive - unattended mode
 /q - sets user interface level
n - No UI
n+ - No UI except for a modal dialog at the end
r - Reduced UI with no modal dialog at the end
b - Basic UI
b! - Basic UI with hide cancel button
b+ - Basic UI with a modal dialog at the end
b+! – Basic UI with a modal dialog at the end & hide cancel
button
b- Basic UI with no modal dialog at the end
b-! - Basic UI with no modal dialog at the end & hide cancel
button
f - Full UI

/help or /? - help information

Restart Options

 /norestart Do not restart after the Installation

 /promptrestart Prompts the user for restart if necessary
 /forcerestart Always restart the computer after Installation

Logging Options (Writes logging information into a log file at the specified existing path.

The default value is 'iwearmo'

5
 /l - I - Status messages
w - Nonfatal warnings
e - All error messages
a - Startup of actions
r - Action-specific records
u - User requests
c - Initial UI parameters
m - Out-of-memory or fatal exit information
o - Out-of-disk-space messages
p - Terminal properties
v - Verbose output
x - Extra debugging information
+ - Append to existing log file
! - Flush each line to the log
*- Log all information, except for v and x options

/ log <LogFile> Equivalent of /l* <LogFile>

EX: Msiexec /I “path of msi” /l*v “log file path” /qb+

Update Options

 /update
 /uninstall
 /p - Applies a Patch

Repair Options (Repairs a product)

 /f -
p - Only if file is missing If file is missing or an older version is
installed (default)
e- If file is missing or an equal or older version is installed
d - If file is missing or a different version is installed
c - If file is missing or checksum does not match the calculated
value
a - forces all files to be reinstalled
u - All required user-specific registry entries (default)
m - All required computer-specific registry entries (default)
s - All existing shortcuts (default)
v - Runs from source and reaches local package

Others

/m<file name> generates an SMS status .mif file

/? Or /h Displays the copy rights for Windows Installer

/y <module> Calls the system functionDllRegisterServer to self-

register modules passed in on the command line

6
 /z <module> Calls the system functionDllUnRegisterServer to
Unregister modules passed in on the command line

/c advertises a new instance of the product

/n <ProductCode> Specifies the particular instance of the product

Registering Dll files:

regsvr32 <Dll name> For Register the Dll

regsvr32 /u For Unregistered the Dll
regsvr32 /s For Silent register

5. Install Editor:

 Product Definition:
o General Information,
o Add/remove programs,
o Product details,
o Features.

 Features Details:
o Merge Module
o Files
o Registries
o INI files
o Shortcuts
o Environment Variable
o File Associations
o Services
o ODBC

 Other Options:
o Administrative options
o Media
o Upgrades

6. Custom Actions
Basics and Directions
Custom actions play a very prominent role in getting the Developer's task
done easily. The Microsoft Windows Installer provides many built-in custom actions for
performing the installation process. The standard actions can also be defined as a part of the
packaging template.

Standard actions are sufficient to execute an installation in most cases.

However, there are situations where the developer of an installation package finds it necessary
to write a custom action. The Custom Actions are the actions entirely defined by the users i.e.

7
 the developer writes an action to execute his own installation. This is basically written to
achieve few tasks which are not possible through the MSI.

How Can Custom Actions (CA) Be Defined?

Executable files (.exe)

 Calling an exe file from the Destination computer
 Calling an exe from Installation (stored in the Binary table)
 Calling an exe file from the Installed files (installed by the Application)
 Calling an exe file whose path is stored in a property

Example Scenario: This CA is written to launch an executable during installation that is

installed on the user's machine or that is being installed with the application. This type of CA
can be used when we have a pre-defined exe to be run for our desired result.

Best example would be to write a CA which gives permissions to registry keys using
"setacl.exe". Calling a system exe "RefreshPolicies" which would refresh the user permissions
and policies after the installation is complete. (This CA will be used only when we set
permission to registry or file for the user.)

Dynamic linked libraries (.dll)

 Calling a Custom dll file from the Destination computer
 Calling a Custom dll from Installation (stored in the Binary table)
 Calling a Custom dll file from the Installed files (installed by the Application)
 Calling an dll from the Installation (stored in the Binary table)
 Calling an dll file from the Installed files (installed by the Application)

Example Scenario: To call special functions during an installation those are defined in a
dynamic-link library (DLL). This type of CA can be used when we have a system dll or an
application dll to be invoked for our desired result.

Best example: In driver packages, where we need to customize the package in such a way that
it should check for the max XX value that is present in the machine and install the PNF or INF
file. If the file oem14.INF is the max XX value that is present in the machine, while installing the
package it should install the INF as oem15.INF resulting in the unique name for the INF file for
that machine. For this purpose we write a custom action using setupapi.dll.

Visual Basic Script files

 Calling a VBScript from Embedded code (stored in the custom action table)
 Calling a VBScript file from the Installation (stored in the binary table)
 Calling a VBScript file from the Installed files (installed by the Application)
 Calling a VBScript file whose path is stored in the property

Java Script files

 Calling a JScript from Embedded code (stored in the custom action table)
 Calling a JScript from the Installation (stored in the binary table)
 Calling a JScript file from the Installed files (installed by the Application)
 Calling a JScript file whose path is stored in the property

Wise Script files

 Run WiseScript from the Destination computer
 Run WiseScript from the Installation (stored in the binary table)
 Run WiseScript from the Installed files (installed by the Application)

8
 Example Scenario: This type of CA is written to Use functions written in the development
languages Microsoft Visual Basic Scripting Edition, Wise Script or Microsoft JScript literal script
text during an installation. This type of CA can be used by writing a script as an embedded code
or as a script file which would reside in the source directory.

Best example: Handling excel addins, deleting a run time folder which remains back after un-
installation., creating a folder in network share etc.

Other Actions Available:

Other Important Actions available in MSI Script of Wise Package studio are,

Display Message -display the message to the end user.

Download file from the Internet

Launch Web Page -launch a Web page during an Installation

Open document from the Installed files

Pause Installation -temporarily stop a sequence from executing

Post Data to HTTP Server -post information to your Web server during an Installation

Set Directory -set a new value for the directory

Set Feature State -set the Installation state of a feature at runtime

Set Property -set a Windows Installer property

Terminate Installation -terminate it, if a specific condition is not met.

How Do We Use CA in Our MSI Package?

Steps for creating a Custom Action:

 Select the Custom Action type in the MSI Script tab

 Select the Sequence in the location tab
 Apply the Condition in the location tab
 Select the Scripting Options in the properties tab
 Select the Processing Options in the properties tab
 Select the Scheduling Options in the properties tab

Sequences:

 Normal User Interface - execute the custom action only when the application Installs in the
user interface

 Normal Execute Immediate / Deferred - execute the custom action only when the
application Installs in the silent mode

 Administrative User Interface - execute the custom action only when the application
Installs in "/A" mode with the user interface

 Administrative Execute Immediate / Deferred - execute the custom action only when the
application installs in "/A" with silent mode

9
  Advertisement Execute Immediate / Deferred - execute the custom action only when the
application installs in "/ju or /jm" mode.

Conditions:

 Action run only during Install

Condition: NOT Installed AND NOT PATCH
 Action only runs during removal of MSI
Condition: REMOVE
 Action runs during Install and repair
Condition: NOT REMOVE
 Action runs during Install and remove
Condition: There must be no condition
 Action calls EXE installed by MSI
Condition: NOT Installed AND NOT PATCH
 Run on initial installation only:
NOT Installed
 Run on initial install or when repair is selected.
NOT Installed OR MaintenanceMode="Modify"

 Run when being uninstalled from command line or add / remove menu.
REMOVE~="All" OR MaintenanceMode="Remove"

Scripting options

 Immediate Execution: Immediate custom actions, can be sequenced anywhere within any of
the sequence tables. It has access to the installation database (read & set installation
properties, modify feature & component states, add temporary columns, rows, and tables).
 Deferred Execution - User Context

deferred custom actions can only be sequenced between the InstallInitialize and InstallFinalize
actions in execute sequence tables. It doesn't have access to the installation database.
Deferred custom actions are not executed immediately. Instead they are scheduled to run
later during the execution script. The execution script isn't processed until the InstallExecute,
InstallExecuteAgain, or InstallFinalize action is run.

If the Current User doesn't have the elevated privileges (Permission to make changes in the
system directly), the custom actions should run in Deferred Execution in User Context only.

 Rollback only

This Action should be executed during the Installation of the Rollback script or if the
Installation is Unsuccessful
 Commit only
This Action should be executed during the Installation of the Commit script.

 Deferred Execution - System Context

Deferred custom actions can only be sequenced between the InstallInitialize and InstallFinalize
actions in execute sequence tables. It doesn't have access to the installation database.
Deferred custom actions are not executed immediately. Instead they are scheduled to run
later during the execution script. The execution script isn't processed until the InstallExecute,
InstallExecuteAgain, or InstallFinalize action is run.

10
 If the Current User has the elevated privileges (Permission to make changes in the system
directly), then it should run in Deferred Execution in System Context only.

Processing Options:

 Synchronous

Windows Installer runs the custom action synchronously to the main installation. It waits for
the custom action to complete successfully before continuing the main installation.
 Synchronous, ignore exit code

Windows Installer runs the custom action synchronously to the main installation. It waits for
the custom action to complete before continuing the main installation; the action can be either
success or fail.
 Asynch, wait at end of sequence

Windows Installer runs the custom action simultaneously with the main installation. At the end
it waits for the exit code from the custom action before continuing.
 Asynch, no wait

Windows Installer runs the custom action simultaneously with the main installation. It doesn't
wait for completion of the custom action and doesn't check the exit code also.

Scheduling Options:

 Always Execute: This action execute in all sequences

 Run first time: This action execute only the first time Windows Installer encounters it.
 Run once per process: This action execute only one time either Execute sequence that
should not run if the installation is running in silent mode.
 Run only if UI sequence was run: This action execute only if either Execute sequence is run
following User Interface sequence.

Difference Between "Immediate Execute / Deferred Execute

Immediate

 Custom actions, can be sequenced anywhere within any of the sequence tables
 Custom actions have access to the Installation database
 Custom actions can only run in the User Context
 Custom actions should never modify the system state. i.e. should not run in elevated context

Deferred

 Custom actions can be sequenced only between the InstallInitialize and InstallFinalize actions
in the sequence tables
 Custom actions doesn't have access to the Installation database
 Custom actions can run both in the context of the user and elevated using the system context.
 Custom actions can modify the system state.i.e can be run in elevated context

Difference Between "Deferred in System Context / Deferred in User Context"

11
User Context: Custom action which installs or modify a file under the INSTALLDIR

System Context: Custom action which installs or modifies the file under INSTALLDIR or System
folder directly.

7. Setup Editor:
o Dialogs
o Tables
o Properties
o Tables
o Launch conditions
o Important checks.
o Components

8. Topics

 Properties: Properties are global variables, Microsoft Windows Installer use these during
an installation.
Types: 1. Private. 2. Public. 3. Restricted Public.
o Private Properties: The installer can be use only internally (values can’t be changed
during the run time).
Ex: Manufacture, ProductCode, ProductID, ProductName, ProductVersion
o Public Properties:
The installer can be uses both internally & externally (values can be changed during the
run time also). Ex: INSTALLLEVEL INSTALLDIR ADDLOCAL
o Restricted Public Properties:
The user can’t change the value both internally & externally due to security purposes.

One can make a public property as a restricted public property by defining it in

the SecureCustomProperties property value delimited by semi-colons.

Ex: ALLUSERS, REBOOT, REINSTALLMODE

Required Properties in MSI:

Product Code, Product Language, Product Name, ProductVersion, Manufacture.

Important Properties: ALLUSERS REBOOT REINSTALLMODE REINSTALL ROOTDRIVE

TARGETDIR INSTALLSOURCE INSTALLLEVEL ARP PROPERTIES ADDLOCAL ADDSOURCE
COMPADLOCAL COMPADSOURCE LIMITUI TRANSFORMS

 Shortcuts and types: Shortcuts are the entry points to the applications installed on
the system which is normally points to a file.

12
 Types: 1. Advertised (Windows Installer) Shortcuts
2. Non-advertised (Standard) Shortcuts
 A non-advertised shortcut (Standard Shortcuts) is a standard windows shortcut.
If you right-click it you will see the target field points to the executable that will be
launched. If, for whatever reason, this executable is missing the application will simply
fail.
 An advertised shortcut (Windows Installer Shortcuts) is a technology specific to
Windows Installer. If you right-click an advertised shortcut the target field will be
grayed out. An advertised shortcut supports advertisement and repair. Repair means
that if the executable to which the shortcut is pointing is not there then windows
installer will repair the application and replace the missing file.

Advertisement: Advertisement is the process of the creating an entry point to the

user without installing the actual application. Once we launch the entry point then the actual
application will install and launch the shortcut which is called “Installation on Demand”

Types:

Publishing: No Entry points appear to a user or others, when an Application

“published” to the group. It is activated only if the group Application activates the
published Application i.e. Installation on Demand.

Assigning: An Application appears (shortcuts, files & registries) to a user or others,

when an Application is “assigned”. When the user tries to open, it is installed upon
demand.

Note: If a Feature or Component is advertised, only the interfaces required for loading
and launching the application are installed to the user or others. If a user activates an
advertised interface the installer then proceeds to install the necessary Components &
Features.

 Source Resiliency:
Applications that rely on network resources for installation-on-demand are susceptible to
source failures if the source location should change for any reason.
When: source resiliency will occur in two times
1. Maintenance installation

2. Installation on demand

Note: Normally the windows installer will check in three places Network Media URLS.

 File versioning rules or DLL hell:

13
 What happens when a file in the package already exists on the target PC? In the old days it
was whatever the author of the setup.exe felt like and that created what is known as “DLL
HELL”.
MSI has rules for this:
Highest version wins Most files (EXE, DLL, etc.) have version numbers inside (Right-click->
Properties ->Version tab to see them). If a file that exists in both the package and on the
target PC, the file with the highest version number will be copied (or left) on the machine. This
is Regardless of the file date.
Version wins over no-version
If one of the files doesn’t have version number then the file with the version number will be
Copied (or left) on the machine.
Files with no version number is user data
If the file already exists on the PC it is NOT overwritten. That means if the packaged file does
not have version then it won’t overwrite to the machine file.

 Files folders registries are not getting remove after uninstall

Files: There are four common reasons for why files may not be removed during Uninstallation
•The components to which these files belong are marked as permanent. (This is done
through the Attributes column of the Component table.)
•None of the components to which these files belong have component GUIDs. (The
value for the component in the ComponentId column of the Component table is NULL).
Components without GUIDs are not managed by WindowS Installer.
• If the keypath of the component has a shared DLL refcount, then the component will
not be uninstalled.
•If the component is installed in the system folder and at the time of Uninstallation
there is an external shared DLL refcount for any one file in the component, then the
component will not be uninstalled.

Folders: The reasons could be..,

•The RemoveFolders action is missing from the execute sequence table when both the
CreateFolder table and CreateFolders action are used.
•The folders were not created by Windows Installer; therefore it will not remove them
unless told to do so.
•Resources still exist in the folder.
Registries: Most common causes for leaving behind registry keys during Uninstallation are

 The Registry table contains entries marked with the '+' sign. This directs the installer to
leave behind those registry keys during uninstallation.
 In the InstallExecuteSequence table, the RemoveRegistryValues action is sequenced
after the UnregisterProgIdInfo and UnregisterMIMEInfo actions. The sequence of these
actions needs to be reversed. The presence of some registry values written from the
Registry table prevents certain ProgId, extension, and CLSID keys from being removed.

14
 Services: A windows service is a background process which is loaded by the Service
Control Manager of the OS. Types: 1. Win32 Service. 2. System or Kernel Services
o Win32 Service (Win32 services are the services which is running by the executable file
installed by the Application).
o System or Kernel Services (Kernel services are the services which are used by the OS
to communicate to the hardware devices).

Storage in Registry: Most of the Service information is stored in the windows

registry “HKLM\System\CurrentControlSet\Name of the Service”

Storage in tables:

1. Service Install(Service Details)

2. Service Control (Controlling the service during Installation & Uninstallation)

 Windows file protection

WFP is also one Utility tool which will do automatically.
Some applications will replace the system files (SYS, .DLL, .EXE, .TTF, .FON, and .OCX) with
different files of the same name or with same file with different versions. If the files are in a
protected folder, then Windows File Protection automatically determines which file was
affected, and looks up the file signature in a catalogue file to see if the file is the correct
Microsoft version, and if it is digitally signed. If it is not, then the correct file will be copied
over it from either the winnt\system32\dllcache folder, or from the Windows CD.

Dll Cache Folder:

During the process of SFC (System File Checker) or WFP (Windows File Protection), it will scan
all the protected files (.SYS, .DLL, .EXE, .TTF, .FON, and .OCX extensions) to verify their
versions. If the versions are not correct, it will replace the particular files from the back up
folder called DLL Cache folder.
SFC:
SFC means "System File Checker." It is a command-line utility that scans the operating
system's files to ensure that they are the correct ones (original Microsoft files). But it can be
run or scheduled manually only.
During the process, it will scan all the protected files (.SYS, .DLL, .EXE, .TTF, .FON, and .OCX)
to verify their versions. If the versions are not correct, it will replace the particular files from
the back up folder called DLL Cache folder

 Reboot:
Windows Installer may prompt for a reboot if it installs over a file that is in use or the package
explicitly requests that the installer reboot. It is easy to determine if Windows Installer
prompts for a reboot because it installed over a file that is in use. The first step is to generate
a verbose log file. In the verbose log file, look for the presence of the ReplacedInUseFiles
property in the property dump. If this property is present with a value of 1, then the Installer
will require a reboot because it overwrote an in-use file.

To determine which file was in-use, scan the log file for "Info 1603" and "Info 1903"
messages. The 1603 message will be logged by the Install Validate action.

 Logging:
Logging can be enabled in the following four ways:

15
 o Command-line:
If installing an MSI package from the command-line, the /L switch can be used to enable
logging. For example, the following command installs Package.msi and outputs verbose
logging to c:\Package.log:
msiexec /i Package.msi /l*v c:\package.log

o Windows Registry:
The following registry value can be used to enable verbose logging:
Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Installer
Value Name: Logging
Type: REG_SZ
Data: voicewarmup
The resulting log is named MSI###.log (where "###" is a unique random identifier) and is
placed in the system's Temp directory.

o Group Policy:
The following Group Policy setting can be used to manage logging on multiple systems:
ComputerConfiguration -> Administrative Templates -> Windows Components ->
Windows Installer -> Logging.

Values in the Log files

Value Meaning
0 Action not executed
1 Success
2 User canceled
3 Fatal error
4 Suspended, waiting for reboot

If there is a problem still with advertising a package then check the property ProductState in
the log file.

The ProductState property can be any of these values:

-1 The product is neither advertised or installed

1 the product is advertised but not installed
2 the product is installed for a different user
5 the product is installed for the current user

 Transforms
Definition: A transform is a windows installer file with the extension (.MST). It should be
used along with a MSI to customize or change the installation package without modifying the
MSI. The installer can only apply transforms during an installation.

Types:

Embedded transform: Embedded transforms are stored inside the .msi file of the package.

Secured transform:

16
 Secured transforms are stored locally on the user's computer in a location where, on a secure
file system, the user does not have write access. Such transforms are cached in this location
during the installation or advertisement of the package. During subsequent installation-on-
demand or maintenance installations of the package, the installer uses the cached transforms.

Unsecured transform:

Transforms that have not been secured are called unsecured transforms. To apply an
unsecured transform, pass the transform file names in theTRANSFORMS property orcommand
line string during the installation.

Syntax: msiexec /I <MSI FILE PATH> TRANSFORMS=”TRANSFORM PATH”

Running Multiple Transforms and Their priority:

Syntax: Msiexec.exe /i {path}.msi TRANSFORMS=T1.mst; t2.mst

Value Priority:

If t2.mst contains any property or any update that t1 has made, the installation will take the
final transforms value.

Ex: If t1.mst sets a registry value HKCU\Software\TestEnvironment =0

And if T2.mst sets a different value to the same registry HKCU\Software\Test\Environment =1

Then the installation will take the reg value as 1.

 Tables and important tables:

As MSI is a database that stores the information about the installation will stores in the tables
and each table is inter related to each other.

Important Table:

AdminExecuteSequence AdminUISequence Binary Component CustomAction Directory

Duplicate
FileEnvironmentFeatureFileFontIniFileInstallExecuteSequenceInstallUISequenceLaunchConditio
nLockPermissionsPropertyRemoveFile SelfregServiceInstallServiceControlShortcutUpgrade

 Normal user and admin user

Admin user: It is a user account that holds the full control (read/write and execute) on files
folders registry and process of the system or User with highest privilege on the system.

Normal user: It is a user account that normally does not contain write/execute permissions
on files folders registries and only holds the read access.

Note:If the user having the privileges of MSI features (Windows Installer) is called as
Elevated User.

You can create through “gpedit.msc” in the run Command or registry keys

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer

17
 Type: DWORD Key: AlwaysInstallElevated Value: 1

Locked down Environment: This policy can be used to block malicious scripts, help
lockdown a computer, or prevent unwanted applications from running.

 Package code/product code/upgrade code

Product code: It is a GUID identifying a particular Application or product.

Package Code: It is a GUID identifying a particular Microsoft Windows Installer package. It

associates an .MSI file.

Upgrade Code: It is a GUID that helps to uninstall the previous version of the application.

 Upgrades
Upgrade is a process of updating the earlier versions of a Windows Installer setup
package i.e. Adding, changing & deleting new Files & Registries. But here product
code, product version & package code should be changed.

TYPES:

Small Update: A small update is a product update that changes a few files or possibly
adds some new content. But there is a limitation for the changes that can be made to
the feature-component structure for the package. Only the package code is changed.
It is also called as a "Hotfix" or “Quick Fix Engineering (QFE)”.

Minor Upgrade: A minor update is a product update that makes enough changes. But
there is a limitation for the changes that can be made to the feature-component
structure for the package. The package code & product version is changed for the
product. It is also called as a “Service Pack”.

Major Upgrade: A major update is a product update with a large number of changes.
There is no limitation for the changes that can be made to the feature-component
structure for the package. The package code, product code & product version is
changed for the product. It is also called as a "Product Upgrade”.

Type of update PackageCode ProductVersion ProductCode

Small update Changed No Change No Change

Minor upgrade Changed Changed No Change

Major upgrade Changed Changed Changed

 Patch
Patching is a streamlined process for updating earlier versions of a Windows Installer setup
package i.e. when you update only files that already exist in your installation package. Only
the package code is changed.

18
 Running a Patch:
msiexec /p or update patchfile.msp REINSTALL=ALL REINSTALLMODE=omus

But if you do not give the command line options of REINSTALL and REINSTALLMODE
then it will not patch the existing installation package. What it will do is update the locally
cached copy of the MSI database.

If you run the MSP in UI mode then it will patch the installation and will also update
the locally cached copy of the installation, because when the dialogs are run they in turn set
REINSTALL and REINSTALLMODE.

Q: what is the difference between patch to transform?

A: The patch can run without msi file because it is adding some files to the existing installation
whereas the transform need to run along with msi which will do mainly the customization to
the msi file.

 Merge module:

Definition: Merge modules are a mechanism in Windows Installer that allows companies to
prepackage and share standard component definitions. Merge modules are used to deliver
shared code, files, resources, registry entries and setup logic to applications as a single
compound file.

Merge Module tables:

ModuleSignature, ModuleComponents, ModuleDependency, ModuleExclusion,
ModuleAdminUISequence, ModuleAdminExecuteSequence, ModuleAdvtUISequence,
ModuleAdvtExecuteSequence, ModuleIgnore, ModuleInstallUISequence,
ModuleInstallExecuteSequence, ModuleSubstitution, ModuleConfiguration

Background mechanism:
Merge Module is working by checking the version, size & date of the file. If the file is Dll or
OCX, it will check the version, other files like text file it will check the Size & Date. It works by
the Mechanism of Shared Dll’s Count Concept which is stored in the Registry information
“HKLM\Software\Microsoft\Windows\Current Version\SharedDlls\”

Q: You can create Merge Module for text file, how?

Ans: Yes you can create Merge Module for the text file also. It will works by the mechanism of
checking the file Size & Date.

 Concept of isolation
Windows supports the use of shared libraries, usually DLLs and OCXs, to reduce
memory and disk-space requirements for applications, and to help developers with modular
application development. However, when many applications are installed on a system, using
shared libraries can lead to application instability. Common problems include the following:

19
  Newer versions of a library may not be backward compatible with earlier versions.
 Similarly, older versions of libraries may contain bugs that applications have worked
around; when a newer version is released, the workaround fails.
 Poorly written legacy installers can overwrite a newer version of a library with an older
version.
 Poorly written Uninstallers can uninstall libraries required by an application that remain on
the system. These and other problems are commonly called DLLHELL.

Windows Installer minimizes some of these problems. MSI enforces strict file-
Overwrite rules, so a newer version of file will not be overwritten by an older one. Its self-
repair features can lessen the effects of an uninstaller removing a file still required by another
application.

Moreover, newer versions of Windows have introduced features that enable an

application and its dependent libraries to be installed to the same directory, so an application
can be installed with DLL versions known to work with the application. Using application
isolation features can be useful if, for example, the conflict -identification process identified
different versions of the same file being used by multiple applications.

Application Isolation Techniques

The two application isolation techniques are DLL/COM redirections, supported by Windows
2000 and later, and WIN32 Assemblies, supported by Windows XP.

DLL/COM Redirection (Local)

Windows XP and Windows 98 second edition support a feature called DLL/COM
Redirection (Sometimes just "DLL Redirection", or "Isolated components"). Where an
executable and its DLLs can be installed to the same directory, and Windows will use the
copies of the DLLs in the executable directory. To enable the DLL redirection, one creates a
"Redirection file", which is an empty (Zero-byte) file named after the application with
extension "Local” appended to it, in the application directory for an executable called
"sample.exe", the Redirection file would be named "Sample.exe.local".

Win32 Assemblies (manifest)

In Addition to supporting DLL/COM Redirection, Windows XP supports a second type of
isolation using Win32 assemblies. A win32 assembly is an executable or DLL with a manifest
file-a specify formatted XML text file - describing the assembly's dependencies. The main
advantage of using Win 32 assemblies is that can be installed without writing COM data to the
registry, ideally making the application and its libraries completely self-contained.

The two types of manifests used in Win32 assemblies are application manifests and assembly
manifests. An application manifest contains an application's name and version information,
and the names and COM information for its dependent libraries (An application manifest file
should be named AppName.exe.manifest.) The other type of manifest, an assembly, is a
manifest for a DLL or OCX file, containing the library's file name, version, and COM
information. Every manifest contains an assembly identity. An assembly identity is a name of
the form OrganizationName.DivisionName.AssemblyName. Unlike application manifest, which
are named after an executable, assembly manifests are named after the assembly identity
with the extension ".manifest" appended, as in:

 OurCompany.AppMigration.AssemblyName1.manifest

 Software management
Software Manager lets you import packages and their resources into the Software
Manager database, which provide a centralized point for managing all applications at any stage

20
 of deployment. Once a package is in the Software Manager database, you can view its
resources, either on-screen or by running any of the predefined Software Manager reports.
From Software Manager, you set the package's status, which determines whether the package is
still in development, available for deployment, or retired. Finally, when a package is available for
deployment, you can use the Package Distribution tool from within Software Manager to
distribute the package to end users through a distribution system.

 Conflict management: Use Conflict Manager to detect and resolve software conflicts
before you deploy packages across your organization's workstations. Conflicts occur when two
or more applications install the same system resource, such as files (including .DLLs, .VBXs,
and .OCXs), the Windows registry, and other items.

 Validation ICE
In Wise Package Studio, by using “Package Validation” option by selecting the MSI with the
default Cub file or Browse your own Cub file.

In Install Shield, by Build  Validate  Default Cub file or Browse your own Cub file.

ICE: “Internal Consistency Evaluation”. ICEs are used to validate installation packages.

Some important ICE Error number: There are totally 96 ICE Errors and 14 ICE Errors in the
Windows Installer. Some examples are as follows

ICE03 -Basic data and foreign key validation

ICE18 -Validates the KeyPath column of the Componenttable when it is NULL.
ICE21 - Validates that all components in the Component table map to a feature in the
Feature Components table.
ICE33 -Checks for entries in the registry table that belong in other tables.
ICE38 - Validates that components installed under the user's profile use a registry key
Under HKCU astheir key path.
ICE64 - Checks those new directories in the user profile are removed in roaming
Scenarios.
ICE57 - Validates that individual components do not mix Per-machine and per-user
data.
ICE59 -Checks that advertised shortcuts belong to components that are installed by
the target feature of the shortcut.

Q: Difference between CAB & CUB file?

A: Cab file is file which stores the compressed files of the application. Cub file is special files which
will create while compiling that contains the ICE errors. When we validate the application with any
validation tool like ORCA, that tool will read get the ICE errors from CUB file and display to the
user.

 File types of Application Packaging

WSI - Microsoft Windows Installer Project file
ISM - Install Shield Project file
MSI - Microsoft Windows Installer
MST - Microsoft Transform
PCP - Windows Installer Patch Project file
MSP - Microsoft Windows Installer Patch

21
 WSM - Microsoft Windows Installer Merge Module Project file
MSM - Microsoft Windows Installer Merge Module
EXE - Executable file

 Event viewer, services.msc, task manager

 Event Viewer: Windows utility tool in the OS. To view all exceptional events occur in OS.
Used for system administrator to track the performance of the OS. Open “eventvwr” in the
run command.
 Services: Services.msc
 Task manager: Taskmgr will show all processes with the corresponding account (System/
User).

 Difference between Self Heal and Repair

Self-Heal and Repair are two different concepts in Windows Installer which people many times
consider to be the same thing however there is difference in these two.

Self-Heal is triggered by advertised shortcuts, or other advertising information in the package

which eventually Repairs the application.

When the application is launched by advertised shortcut, it checks for all the key paths of the
Current Feature, if any of the key paths is missing it will launch Repair.

Note that if there are multiple features then it will not check the missing key paths of the
other features, but only the feature of which the advertised shortcut is launched.

Repair of an MSI can be triggered by

 Repair button in Add/Remove programs

 Giving the command line msiexec /f{other option} {MSI name}
 Self-Heal by advertised shortcut or other advertising information.
 Active setup

Once the repair of the package is triggered, even with Self Heal, then the whole of the MSI
is reinstalled. Then it does not see that only the feature which triggered the self-heal should
be repaired, but the whole MSI, by which I mean all its features are reinstalled.

 Driver packages
Def: If the application has the files with extensions .INF .SYS .PNF then we can conclude
that the application will install Driver entries.

Problem: If the application installs the driver file, which is existed in the system with
same name, then it will give the error that state the “the driver is already existed in the
system”

Custom Action: Using the DPInst.exe or Setupapi.dll , we can create a custom action
to get rid of the problem.

Solution:In driver packages, where we need to customize the package in such a way that
it should check for the max XX value that is present in the machine and install the PNF or
INF file. If the file oem14.INF is the max XX value that is present in the machine, while
installing the package it should install the INF as oem15.INF resulting in the unique name
for the INF file for that machine. For this purpose we write a custom action using
setupapi.dll/DPInst.exe

22
 Shortcut Questions:
Advertised and Non-Advertised shortcuts.

Q: How to convert a non-advertisement shortcut to advertised shortcut.

A: change the target field in shortcut table from file path to feature to make a non-advertised
shortcut to advertise shortcut.

Q: How to advertise a feature?

A: Feature  properties advertisement  Favor advertisement.

 Launch Actions:
Launch conditions are requirements that the destination computer’s system must meet for
installation to occur. The Launch Conditions are conditions those Values in the Condition
column represent conditions that must be true for the installation to begin. If a condition is not
true, the text in the Message column is displayed to explain to the user why the installation
cannot continue.

Example scenario: If we want install a product for a particular platform like WIN XP or below
to WIN XP then we can use launch condition like below that won’t install the application above
the WIN XP

VersionNT>=501

 System search: Use the System Search page to search for specific files or
directories, .INI files, registry entries, or components on the destination computer. Using
these search items, you can search for a previous version of your application, for another
application, or for a particular part of an application.

There are three instances in which you might use this page:

 To find a previous version of your application that wasn't installed using Windows Installer
technology.

 To find any files or directories, .INI files, registry entries, or components of a previous version
of your application. You can specify the items for which you want to search and then code
your installation so the new version is placed in the same location as the previous one, rather
than in a default location.

 To look for a specific third-party application on the destination computer. For example, you
might want to include a feature in your application that is only installed if a certain application
is already installed on the destination computer.

Note: the system search entries will be stored under AppSearch table.

 Permissions:
In the MSI, we can give permissions through Lock Permission table. The problem with this
method is if you provide the permissions to a group. In future if some new users join to the
group then he won’t get the permissions.

23
 We can give permission for files & folders through VB Script by using the CACLS&XCACLS
commands. CACLs should only run on NTFS partitions.

CACLS – Changes Access Control ListS

“cacls c:\myfile.txt /E /G <user name>: F”

In VB Script

On Error Resume next

Set Wshell = CreateObject (“Wscript.Shell”)
Wshell.Run “cacls c:\myfile.txt /E /G <user name>: F”

 ORCA
This tool is a Microsoft product. It is used for edit the MSI Databases (tables) and validation
the msi.
o No limitation for the table entries
o Easy to edit the Databases
o If you edit any tables and give save, only those tables will be modified, but in Wise or Install
Shield all the tables will change

 Registry
The Registry is a single place for storing information about the Windows OS (Hardware &
Software).

Structure Root Keys / Sub trees, Sub keys, Hives, Entries

Types Machine-Specific (HKCR, HKLM, HKCC, HKU), User-Specific (HKCU, HKU)

Root Keys

HKEY_CLASS_ROOT (HKCR)
HKEY_LOCAL_MACHINE (HKLM)
HKEY_CURRENT_CONFIG (HKCC)
HKEY_CURRENT_USER (HKCU)
HKEY_USERS (HKU)

 Active setup: If your application requires installation of components such as files or

registry keys on a per-user basis, but your application has no advertised entry points or other
triggers to initiate the installation process, then Active Setup is the solution.
Definition
Active setup is a process that runs automatically when a user logs in.

Work flow:

24
 By the behavior of user profile settings like per user files or HKCU registry keys, these
settings do not come other user when logs in to the machine. So to get rid of the problem we
will add the active setup registry key in our package.
When the new user logs in to the system, these below key will compare.
HKLM\Software\Microsoft\Active Setup\InstalledComponents\%APPNAME% and
HKCU\Software\Microsoft\Active Setup\InstalledComponents\%APPNAME% , and if the HKCU
registry entries don't exist, or the version number of HKCU is less than HKLM, then the specified
stubpath command line will execute. Normally we will key stubpath command line to repair the
application. Once the stubpath will execute whatever the action specified in the command line
like repair will happens and these user specific keys will come for the logged in user.
Example for stubpath: "Stubpath"="msiexec /fups {ProductCode} /q"

 Run Keys Important registry/Uninstall Registry:

 INI file:
INI files are plain-text files that contain configuration information. "INI" stands for
initialization.

[Section]
Keyname=value

Condition: The INI files will be added in INI section than files section because if a INI file add in
INI section, It will append the content of it to the existing file in the system rather than replacing
the old file from the system and also it will remove the content which it added on installation on
uninstallation.

 Services:
A windows service is a background process which is loaded by the Service
Control Manager of the OS.
Types:
Win32 Service (Win32 services are the services which is running by the executable file installed
by the Application).
System or Kernel Services (Kernel services are the services which are used by the OS to
communicate to the hardware devices).

Note: 1. Most of the Service information is stored in the windows registry

“HKLM\System\CurrentControlSet\Name of the Service”

2. The service information will store in the following tables.

Service Install (Service Details)
Service Control (Controlling the service during Installation & UnInstallation)

 ODBC & DSN:

ODBC means Open Database Connectivity. The purpose of ODBC is to allow the
user to access data from any application.
The layer between the application and the DBMS called DSN.

25
 System DSN (DSN will be available for all users)
User DSN (DSN will be available for that particular user)

 File Association: The Windows operating system recognizes file types and associates
them with programs based on their file extension.
A file that carries no extension or no associated program is called Orphaned.

 Environment Variable Environment variables are strings that contain information

such as drive, path, or file name. They control the behavior of various programs.
Example: The TEMP environment variable specifies the location in which programs place
temporary files.

Environment Variable can be found under system Properties (My Computer Properties).
To create or modify Environment Variable on the target system, you can use the environment
variable view of the editor, and environment variable changes must be associated with a
component, by default the environment variable data are installed when a component is
installed and removed when the component is removed.

Types
System Variable:
These variables store information related to resources and settings of any logged user on the
target system.
These system Environment variables are stored in Windows Registry

HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Control\ Session Manager\

Environment

User Variables:
These variables store information related to resources and settings owned by various user
profiles within the system. As a general rule, these variables do not refer to critical system
resources or locations that are necessary for the OS to run.
User Environment variables are stored in Windows Registry
HKEY_CURRENT_USER\Environment
 VB Script
VB Script is a Microsoft Scripting language that means it is a lightweight programming
language. It is a light version of Microsoft's programming language Visual Basic. It is used to
add interaction for the web page projects.

Objects in the VB Scripts

Class Object- Provides access to the events of a created class

Dictionary Object - Object that stores data key, item pairs
Err Object - Contains information about run-time errors
FileSystemObject Object-Provides access to a computer's file system
Match Object-Provides access to the read-only properties of a regular expression match
Matches Collection-Collection of regular expression Match objects
RegExp Object-Provides simple regular expression support

26
 Capture Methodologies: Smart Monitor and Snapshot

Smart Monitor

This Setup Capture mechanism monitors and records the installation's operations as they
happen. This method is faster than snapshot comparisons, because it doesn't require a time-
consuming scan of the computer. SmartMonitor records the following operations:

1. Copying, moving, deleting, or opening a file.

2. Replacing files even if they are the same size, modification date, and version.
3. Creating or removing a directory.
4. Creating, starting, stopping, or deleting a service.
5. Setting or deleting a registry value, creating or deleting a registry key.
6. Overwriting existing registry keys with the same value.
7. Installing ODBC drivers or configuring ODBC data sources.
8. Changing .INI files regardless of their location.
Snapshot

This Setup Capture mechanism scans the computer before installation occurs,
then you perform the installation, then Setup Capture rescans the computer. Setup
Capture records the differences between the two scans and adds them to the
repackaged installation.

The disadvantages of this method are:

1. It does not capture the replacement of files if the files are the same size,
modification date, and version.
2. It does not capture overwriting of existing registry keys.
3. INI file changes are handled differently-if an .INI file is in the Windows directory,
changes to it are recorded as an .INI file change. If an .INI file is outside the
Windows directory, the entire .INI file is added instead of just editing the file.

Using Smart Monitor in conjunction with Snapshot

Merge the results of both methods. If the results of the two methods don't
match, the differences between the methods are added to the repackaged installation
as well. This provides the most accurate and complete representation of the captured
installation. If you selected the snapshot method, the Initial Scan dialog might appear.
Specify whether to rerun the initial scan or use the initial scan that was created
previously.

 DLL Hell is the problem related to .DLL (dynamic linking library) files. In the most typical
case, one application will install a new version of the shared component (.dll file) that is not
backward compatible with the version already on the machine, or an application may install
the previous version. All it takes is a single DLL, VBX or OCX to be missing, or present in an
older version for an application to fail.

27
 DLL Hell refers to a set of problems caused when multiple applications attempt to
share a common component like a dynamic link library (DLL). The reason for this issue was
that the version information about the different components of an application was not
recorded by the system.

In windows applications some dll’s are shared ones. Suppose App1 is an application
running perfectly. It is sharing a shared dll named shared1.dll. You are installing another
application App2. Suppose App2 application is also having a shared dll named shared1.dll. At
the time of App2 installation, installer will overwrite the shared1.dll which is already there on
our system and being shared by App1. The new shared1.dll may be different than the previous
dll which is overwritten. Now the application app1 which is depending on overwritten
shared1.dll will become defunct. App1 will fail which is referred as dll hell.

Note: In Windows installer technology, the DLL Hell issue is overcome by using the techniques
like Application isolation, Shared DLL reference count and file versioning rules.

28