Doctor Deploys Blog

Problem

Description

Mitigation

(by consumer of EXE)

Crash

Bad EXEs can bring down the custom action sandbox

None

Binary Dependency

Bad EXEs can require technologies that are not in the system at the time of the install.  Specific instance: MSXML custom actions required MFC 7 but it didn’t exist on machines.

None

Load

Bad EXEs can expect to load DLLs from the path but the path could be customized by the user on the machine.

None

Rights

Bad EXEs can require more rights (e.g. admin) than the package thus breaking scenarios (per-user)

None

Logging

EXEs do not have access to the Windows Installer Log so there is no integrated troubleshooting.

None (best effort, build DLL that provides log path to EXE and puts the log next to or into the Windows Installer log)

UI

EXE do not have access to the UILevel so they do not know whether it’s OK to display UI.

None (best effort, build DLL that reads UILevel and alters command line)

Progress

EXEs do not have access to the widows installer progress bar.

None (best effort, add entries to the ReserveCost table)

Hangs

EXE may hang and neither the Windows Installer nor the user has no way of knowing whether the install is hung or just taking a long time.

None (best effort, build DLL that calls CreateProcess and WaitForMultipleObjects)

Costing

EXE do not have any way of being integrated into the Windows Installer costing

None (best effort, build DLL that add ticks to the progress bar)

Rollback

- rollback behavior
- decision when to execute rollback (did failure occur in the FWD case thus calling the Backward case is extraneous?)

Bad EXE do not support rollback.

None (best effort, build DLL that calls EXE uninstall if exists)

Transparency and Predictability

EXEs are not data driven from the contents of the MSI thus are not transparent to users, especially admins.

None

Uninstall

Bad EXEs do not support uninstall

None (best effort, build DLL that calls EXE uninstall if exists)

Uninstall Rollback

Bad EXEs do not support uninstall rollback

None (best effort, build DLL that calls EXE install)

Repair/Resiliency

Bad EXEs do not support repair

None (best effort, build DLL that calls EXE install again)

First Run

Bad EXEs mix per machine installation with per-user installation that should be invoked at first run

None

Error Codes

Bad EXEs do not provide return codes or have return codes that do not match the custom action return code expectations.

None (best effort, best effort, build DLL that interprets errors returned from the EXE and returns the appropriate value)

Watson

EXE failures are difficult to map to Watson buckets (for teams that have implemented Setup Watson)

None (best effort, build DLL that initializes Setup Watson with the needed context to differentiate EXE error)

PSS Costs

When an EXE fails, the supports costs are absorbed by the enclosing product

None (best effort, build DLL that records needed context to differentiate EXE error)

Localization

Does installation or manipulation by the EXE cause strings to be written to the system?  If yes, how are the strings differentiated?

None

Selection

Some EXEs have different levels that can be installed (Minimum, Full).

None (best effort, build DLL that maps UI or feature selection to different levels in EXE)

Terminal Server and SMS

Bad EXEs do not run correctly on Terminal Server where there is no user logged in and will not have a user hive

None

Group Policy (Publishing, assignment)

<missing this context>

None

Debugging

There is no way to debug custom actions in EXE from MSI.

None (best effort, build DLL that uses dll debugging then alter EXE call from inside DLL)

Access to Database

EXEs are unable to access the database

None (best effort, build DLL that uses dll method to access the database)

Run From Source or Cache

EXEs are unable to be configured to run from source

None

Servicing

EXEs are more difficult to confirm they contain the right security fixes when servicing

None

Help

EXEs that contain 2.0 User Education integration may not have MSI’s namespace parents configured at the time they are called

None (best effort, move the EXE to a different location in the sequence after the html help custom actions)

Events

EXEs that produce events during install will appear outside the MSI context

None

Customization

Numerous third party tools exist to customize an install to the needs of a particular specialized user (usually LORGs)

None

File In Use

There is no way for a custom action to inform the user that files they want to manipulate are in use

None

Pending File Renames, File in Use, and Rollback

If a EXE custom action replaces files that are held in use and a MoveFileEx causes those files to end up in Pending File Renames, then the install rolls back it’s possible that the files will still be changed on the next boot.

None

Detection of When to Install (Resiliency v Rollback)

A rollback during repair or reinstall could cause premature removal of a EXE install that existed on the machine before MSI was installed.  If one implements rollback, one has to implement foolproof detection for existing installs of the component and not run the EXE package if the same version of EXE is already on the machine.  Otherwise, a cancel or failure in the MSI could cause a preexisting installation of the EXE component to be removed.

None

Reboot

If the EXE requires a reboot, there is no way to communicate the need for the REBOOT to the MSI

None

Cancel

As EXEs can not call MsiProcessMessage, they are unable to respond to the cancel button.

None (best effort, build DLL that calls MsiProcessMessage)

Watson

EXEs that crash may cause a Watson dialog during the install

None