- When an administrator user logs on to a Windows Vista computer, two access tokens are created: a filtered standard user access token, and a full administrator access token. Instead of launching the desktop (Explorer.exe) with the administrator’s access token, the standard user access token is used. All child processes inherit from this initial launch of the desktop (the explorer.exe process), which helps limit Windows attack surface. By default, all users, including administrators, log on to a Windows Vista/7 computer as standard users.
- Certain Custom actions in MSI that write to protected files on the destination computer need elevated rights.
- While the UAC is enabled and such installer is run, the user is prompted in 2 ways:
- The user with administrator account is prompted to confirm whether they should continue to run.
- The user with standard account is prompted to enter a password for an administrator account in order to continue the installation.
- The UAC prompts up due to security reasons.so by using windows installer tools figure the files/folder/registries requiring security permission for proper execution.
- Apply Secdit by creating a security template which contains the needed permission on the folder/file system/registry whatever and apply it with a custom action which calls secedit.
- Files-In-Use functionality is among the countless services that Windows Installer exposes for setup authors to leverage for their application install/maintenance. This functionality lets setup authors display the processes that hold on to files that would be updated by this install. The user would want to shut those processes before continuing with the install to ensure that the install wouldn’t require a reboot. The current Files-In-Use mechanism involves enumerating the HKEY_PERFORMANCE_DATA key using registry API for information on processes and the PE images that they have held in-use. This works well in scenarios where the process holding the file in use has a visible window that the user can shut down.
- Usage of the new Restart Manager API’s will allow Windows Installer to display processes such as: system services, tray applications or applications that have no visible window that require shutting down to avoid a reboot. Additionally, Restart Manager provides additional functionality above-and-beyond enhanced files in use detection, including:
- Shutting down of all or selected processes.
- Automatic restart of processes that were shutdown to install the in-use files.
- Ability to join a currently running Restart Manager session to consolidate shutdown/reboot across multiple installations.
- Appilications that had been shut down, have the opportunity to be restarted to a state that they were before being shut down.
Controlling Windows Installer’s interaction with Restart Manager
Windows Installer provides the following properties and policy to let setup authors and IT admins fine tune their setup’s behavior:
MSIRESTARTMANAGERCONTROL: This property specifies whether the Windows Installer package uses the Restart Manager or FilesInUse Dialog functionality.
MSIRMSHUTDOWN: This property determines how applications or services that are affected by an update should be shut down while a reboot is being mitigated.
MSIDISABLERMRESTART: This property determines whether applications or services that are affected by an update are restarted when a reboot is being mitigated by Windows Installer's interaction with Restart Manager
DisableAutomaticApplicationShutdown: This policy specifies whether Windows Installer uses the Restart Manager or FilesInUse Dialog functionality.
In order to control the restart manager is by editing the Settings on the Windows Installer Options (Target System) tab.