2

I have an application that includes a shell that is displayed for all non-admin users. During installation the shell needs to be closed. However if anything goes wrong during installation, I would like the shell to be restarted via a custom action. For legacy reasons, I accomplish both the close and the restart via C# custom actions. Here is the WiX code:

<CustomAction Id="CA_StopShell" ... Execute="deferred" Impersonate="no"/>
<CustomAction Id="CA_StartRollbackShell" ... Execute="rollback" Impersonate="yes"/>

<InstallExecuteSequence>
  <Custom Action="CA_StartRollbackShell" Before="CA_StopShell">  </Custom>
  <Custom Action="CA_StopShell" After="ProcessComponents" />
</InstallExecuteSequence>

This works fine, but it also brings up the shell for the admin user when there is an install failure, which is bad. The question is how do I make the custom action only occur if the user was not the Admin user?

I tried:

<Custom Action="CA_StartRollbackShell" Before="CA_StopAllAADProcesses"> NOT Privileged </Custom>

But that didn't ever start the shell back up.

FYI, I'm using Wix 3.8.

Thanks for any help you can give.

James R
  • 145
  • 2
  • 13
  • Did you try to detect the user from c# custom action and then run the script if a non admin ? – LeoN Nov 05 '14 at 12:08
  • Yep. Unfortunately, even though I specified Impersonate="yes", when I examined "Environment.UserName" I get the admin name, not the log in name. When I try to use "System.Security.Principal.WindowsIdentity.GetCurrent().Name" I get an exception that the system cannot load 'System.Security.Claims.ClaimsIdentity' from assembly 'mscorlib. I presume that is because this is an embedded app and that piece was left out. – James R Nov 05 '14 at 14:04
  • Correction, the exception was because I was targeting the wrong .net framework with the custom actions. But the result was that System.Security.Principal.WindowsIdentity.GetCurrent().Name also returned the admin name. – James R Nov 05 '14 at 14:14
  • Not sure what you mean by "the Admin user" because there could be more than one. Also, if this install gets elevated, then Privileged will be set because you are elevated in the execute sequence. The USERNAME property will give you the installing user, and UserSID the sid, which should be passed into the custom action to get their values into your CA code if you need to do something with them. Impersonation has some odd effects sometimes, for example the user's profile isn't loaded. – PhilDW Nov 05 '14 at 16:05

0 Answers0