This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Revenera Community
- :
- InstallShield
- :
- InstallShield Forum
- :
- Vista: standard user allowed to modify install via 'change' button in S/W Explorer
Subscribe
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Feb 15, 2008
05:20 PM
Vista: standard user allowed to modify install via 'change' button in S/W Explorer
This behavior is different between WinXP and Vista so I'm tring to figure out if it's a Vista bug or a problem with my MSI package.
Background:
I have an MSI package that is digitally signed and external to the InstallShield 2008 bootstrapper (manifested to require elevation to admin and also digitally signed). Furthermore, my installation is always installed per-machine (managed).
Problem:
When a non-admin user goes into Add/Remove Programs on a WinXP system, they are not allowed to change the installation (change button is disabled). However, on Vista the non-admin user is able to click the Change, Repair, or Uninstall buttons on Software Explorer. When the user clicks the Repair or Uninstall buttons, the installation process correctly prompts for elevation (eventually). However, when they click the Change button and get the Modify/Repair/Remove dialog, they are allowed to execute Modify and remove some optional features without being prompted to elevate. But if they select either Repair or Remove from the dialog, they will be prompted to eleveate (eventually). Also, if the feature in question is NOT installed and they attempt to install it using Modify, they ARE prompted to elevate. It's only removing the feature in which they are NOT prompted.
I understand that when Vista caches the MSI database that it modifies the MSI so it is no longer signed (the reason you get 'unidentified program' when you try to uninstall a program that was digitally signed). Is the behavior above due to this same issue? IOW, they are prompted to elevate when ADDING the feature b/c the original [digitally signed] source is required but not when REMOVING the feature b/c the cached MSI is used and it is not digitally signed. Is that correct?
My non-admin users should NOT be allowed to remove this feature so what are my options here?
Is this an actual bug with Vista or do I need to do something to my MSI package to ensure a non-admin user can't remove optional features installed by the administrator?
Background:
I have an MSI package that is digitally signed and external to the InstallShield 2008 bootstrapper (manifested to require elevation to admin and also digitally signed). Furthermore, my installation is always installed per-machine (managed).
Problem:
When a non-admin user goes into Add/Remove Programs on a WinXP system, they are not allowed to change the installation (change button is disabled). However, on Vista the non-admin user is able to click the Change, Repair, or Uninstall buttons on Software Explorer. When the user clicks the Repair or Uninstall buttons, the installation process correctly prompts for elevation (eventually). However, when they click the Change button and get the Modify/Repair/Remove dialog, they are allowed to execute Modify and remove some optional features without being prompted to elevate. But if they select either Repair or Remove from the dialog, they will be prompted to eleveate (eventually). Also, if the feature in question is NOT installed and they attempt to install it using Modify, they ARE prompted to elevate. It's only removing the feature in which they are NOT prompted.
I understand that when Vista caches the MSI database that it modifies the MSI so it is no longer signed (the reason you get 'unidentified program' when you try to uninstall a program that was digitally signed). Is the behavior above due to this same issue? IOW, they are prompted to elevate when ADDING the feature b/c the original [digitally signed] source is required but not when REMOVING the feature b/c the cached MSI is used and it is not digitally signed. Is that correct?
My non-admin users should NOT be allowed to remove this feature so what are my options here?
Is this an actual bug with Vista or do I need to do something to my MSI package to ensure a non-admin user can't remove optional features installed by the administrator?
(3) Replies
Not applicable
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Feb 19, 2008
11:48 AM
This is expected behavior. Limited Users are allowed to remove features on per-machine products, but cannot perform an uninstallation of the product. As long as the your user removes less than all the features installed, they will not see a prompt.
Logging the installation will verify this as well. For more information on creating an MSI log file, please reference this article:
http://support.installshield.com/kb/view.asp?articleid=Q104807
Logging the installation will verify this as well. For more information on creating an MSI log file, please reference this article:
http://support.installshield.com/kb/view.asp?articleid=Q104807
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Feb 19, 2008
03:16 PM
:confused: On both Windows 2000 SP4 and Windows XP SP2, limited users can only repair a managed installation installed by an admin user (via the "Support Information"-->Repair option in Add/Remove Programs). On both these systems, the "Change" and "Remove" buttons are either visible but disabled (Win2K SP4) or they are not visible at all (WinXP SP2). On these systems, only a user who is a member of the Administrators user group has the "Change" and "Remove" buttons both visible AND enabled.
It doesn't make sense that MS would intentionally change this for Vista systems. I even ran across this discussion thread http://forums.microsoft.com/MSDN/ShowPost.aspx?siteid=1&PostID=1131053 on the Application Compatibility for Windows Vista forum where the moderator also indicated the behavior is unchanged since Windows 2000 (which is not the case as noted above).
Thanks anyway, it sounds like I need to take up the issue with Microsoft. If I get a response I'll update this thread.
It doesn't make sense that MS would intentionally change this for Vista systems. I even ran across this discussion thread http://forums.microsoft.com/MSDN/ShowPost.aspx?siteid=1&PostID=1131053 on the Application Compatibility for Windows Vista forum where the moderator also indicated the behavior is unchanged since Windows 2000 (which is not the case as noted above).
Thanks anyway, it sounds like I need to take up the issue with Microsoft. If I get a response I'll update this thread.
Not applicable
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Feb 20, 2008
08:23 AM
Installations installed with UAC are managed (thus the suggestion to review the log since it'll state the assumed policies and tell you why it's doing what it's doing).