FAQs / Interview Questions of Application Packaging

Q. What is Windows Installer?

A. Windows Installer is a system service for installing and managing applications. It provides a standard method for developing, customizing, installing, and updating applications. It can be commonly found with following interface during install or uninstall:

Properties of Windows Installer:

● Self-healing: Windows Installer supports "self-healing" abilities for applications. Applications can detect common installation problems at launch, like missing files or registry keys, and automatically repair themselves.

● Installation on demand: Windows Installer supports on-demand installations of application features. For example, the spelling checker in Microsoft Office Word may not be installed by default, but a user can trigger an on-demand installation of this feature.

● Installation in locked-down environments: In fully locked-down environments, users don't generally have permission or the ability to install applications. In most cases, they don't have write-access to the Program Files folder of their computers or to the HKEY_LOCAL_MACHINE registry location. If an administrator approves an installation package by means of Group Policy, for instance, Windows Installer can perform an installation on the user's behalf.

Q. When Should You Not Package An Application?

A. Repackaging is not allowed for Service Packs, hotfixes and some drivers which require database connectivity or hardware related physical settings.

OS SP/hotfixes are not packaged as they create low level system changes.

They work on Windows Protected File, which an MSI can not update.

IE and Windows Media Player should not be packaged for the same reason.

What is Application Packaging?

Process of creating an installer for an application is called application packaging. Usually in it binary files provided by developers are packaged to form a package. The Main difference between packaging and re-packaging is that the source files does not come in the form of package in packaging where as in re-packaging they come in a form of a package, which might be MSI or legacy package (such as executable, batch files, etc).

Repackaging:
Repackaging (Customized Installation) is the process of capturing the changes made by an Installation Program (Package) and it is customized to support company standards and distribution methods. It is not necessary to do setup capture to call it repackaging, even creating .MST files or .ISS files can be called application repackaging.

Before doing setup capture, we should close all running apps. Besides this we should also close following, to get a junk-free capture: Windows Firewall, Anti-Virus application, Windows Update.

What are the steps of Repackaging?

•Review the packaging requirements (User Requirement Review)
•Analyze the vendor package (Tech Review)
•Repackage the application (Setup capture)
•Customize the package (Scripting)
•Test the package (Testing & UAT)
•Release the package to end users (Deployment)

Why repackaging is required & what are the problems in Legacy Installation?

Most common reasons for Re-packaging are as follows: Customized installation, self-repair, Unattended install, Reduce support costs, Source resiliency
The problems with Legacy installations are as follows: High Support Costs, Difficult & labor Intensive deployment & management, Fragile Installs & un-installs.

What is Config.msi folder?

Rollback script files are stored in the config.msi location.

It saves files with the extension of .RBS and .RBF. These are Rollback Script Files used by the installer to uninstall recent changes if an install fails somewhere along the way. The rollback script file (.rbs) is always stored in the Config.msi folder on the disk where the operating system is installed.

Upon a successful completion, this folder and files are deleted automatically. However, sometimes the installer program fails to remove these files. In this case, you may safely delete the CONFIG.MSI folder and files from your hard drive.

Why more than one MSIEXEC run in the task manager while installing the MSI?

While a MSI getting installed, We see 3-4 MSIEXEC running in task manager, they are MSI server,

Client and Services and the 4th one will be seen when a custom action is getting installed.

Why are multiple MSIExec.exe processes running on my machine during an installation?

A. A number of MSIExec processes can be running during an installation. The reason for this is that Windows Installer uses a client-server model for performing installations. Additionally for security reasons, Windows Installer hosts DLL and script custom actions in a "sandbox" process. Depending on how the install was initiated, one of the MSIExec processes can be the client process. Another MSIExec process is Windows Installer service. Any remaining MSIExec processes are usually sandbox processes for hosting custom actions. The determination as to which MSIExec process will serve as the sandbox process for a script or DLL custom action depends in part on whether the custom action will run elevated or impersonated and whether the custom action is 32-bit or 64-bit.

● An ALLUSERS property value of 1 specifies the per-machine installation context.

● An ALLUSERS property value of an empty string ("") or 0 specifies the per-user installation context.

● If the value of the ALLUSERS property is set to 2, the Windows Installer always resets the value of the ALLUSERS property to 1 and performs a per-machine installation or it resets the value of the ALLUSERS property to an empty string ("") and performs a per-user installation. The value ALLUSERS=2 enables the system to reset the value of ALLUSERS, and the installation context, dependent upon the user's privileges and the version of Windows.

● Windows 7: Set the ALLUSERS property to 2 to use the MSIINSTALLPERUSER property to specify the installation context. Set the MSIINSTALLPERUSER property to an empty string ("") for a per-machine installation. Set the MSIINSTALLPERUSER property to 1 for a per-user installation.

● Windows XP: Set the ALLUSERS property to 2 and Windows Installer performs a per-user installation if the user has user access privileges.

If the value of the ALLUSERS property does not equal 2, the Windows Installer ignores the value of the MSIINSTALLPERUSER property.

ALLUSERS=2 -> Depending upon user rights application will be installed.

If the user is Administrator then app will be installed as ALLUSERS=1
If the user is non-admin then app will be installed as ALLUSERS=2

What is a Shared DLL Component?

Shared DLL component is a DLL file have common to the similar component/product is known as

shared DLL.

What is location of Shared DLL Registry?

HKCU\Software\Microsoft\Windows\Current Version\"Shared Dll with the path of file "

Shared DLLs:
All the DLLs captured in the WSI/ MSI will be a shared DLL.

Since the DLLs from the MSI are shared DLLs, any new application that would be installed on the same machine in future will increment the corresponding DLL count. All the Shared DLL counts can be viewed from the following registry location:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls

When there is a DLL conflict found this is named as DLL Redirection.

launch condition?

Used to check system requirements on the destination computer.

Launching Condition: Feature level <= install level

you should be using launch conditions to prevent users from installing it on unsupported platforms also.

It is implemented by launch condition table:

Condition	Description
Not VersionNT64	[ProductName] will only work on 32-bit versions of Windows. Please run the setup on 32-bit Windows. Setup will now exit.
VersionNT64	[ProductName] will only work on 64-bit versions of Windows. Please run the setup on 64-bit Windows. Setup will now exit.

Privileged	[ProductName] requires administrative privileges or elevated privileges. Setup will now exit.

What is Environment variable? Where environment variables stored in MSI tables? Environment variables are the variables that are set by the Operating System and application ∑ User Variables(Available for that particular user) ∑ System Variables (Available for all users) Environment tables following columns environment name, environment value, environment component.

Components

A component is the minimal part of a product-each component is treated by Windows Installer as a unit: the install developer cannot, for example, use a condition to specify to install just part of a component. Components can contain files, groups of files, directories, COM components, registry keys, shortcuts, and other data. The end user does not directly interact with components.

Components are identified globally by GUIDs, thus the same component can be shared among several features of the same package or multiple packages, ideally through the use of merge modules (although, for this to work correctly, different components should not share any sub-components).

Key paths

A key path is a specific file, registry key, or ODBC data source that the package author specifies as critical for a given component. Because a file is the most common type of key path, the term key file is commonly used. A component can contain at most one key path; if a component has no explicit key path, the component's destination directory is taken to be the key path. When an MSI-based application is launched, Windows Installer checks the existence of these critical files or registry keys (that is, the key paths). If there is a mismatch between the current system state and the value specified in the MSI package (e.g., a key file is missing), then the related feature is re-installed. This process is also known as self-healing or self-repair. No two components should use the same key path.

Features

A feature is a hierarchical group of components-a feature can contain any number of components and other features ("sub feature"). Most installation programs display a "custom setup" dialog box at run time, from which the end user can select which features to install or remove.

The package author defines the product features. A word-processing program, for example, might provide features for the main program executable, the program's help files, and optional spelling checker and stationery modules.

Steps to create Minor Upgrade:

Change the Package code and Product Version to create a minor upgrade

Add feature / component by following the guide lines in Section: Requirement for Minor upgrade

Add Remove or Modify files, registry keys and shortcuts.

Add minor upgrade item in upgrades view (this is optional).

Build and use the installer for upgrade.

Q. What is Advertisement?

A. Windows Installer can advertise a product rather than actually installing it. The product will appear installed to the user, but it will not actually be installed until it is run for the first time.

There is a difference between advertising a shortcut (self-heal) and advertise a product/feature(install on demand).

A quick way to find the location of a problem in the log is to open it in a text editor (such as Notepad) and search for the phrase "Return Value 3". This entry commonly appears in logs close to the point where a critical error has occurred. The Windows Installer SDK provides a tool called WiLogUtl, which parses and annotates Windows Installer log files.

Q. Why does the package go for Self-Healing first time the user launches the Application?

A. If the package is containing some HKCU entries then the package will always go for self-healing for the first time. This happens because the HKCU keys are only installed for the current user present while installing the package and not all the users as it is the property of the HKCU. So, if other user logs in then there is a mismatch between the current system state and the value specified in the MSI package (e.g., a key file is missing), then the related feature is re-installed. This is called the Self-Healing.

Q. What is Advertisement?

There is a difference between advertising a shortcut (self-heal) and advertise a product/feature(install on demand).

Q. Why does the package go for Self-Healing first time the user launches the Application?

Q. How to detect the MSI version on the computer?

A. If you want to check the version of the Windows Installer on your system, check the version of MSI.DLL in the Windows\System 32 folder

What are the types Setup Capture in Install shield?

In Install Shield there are two types Installation Monitor: Repackager watches lower level system activities and records related changes made to the system by the setups programs. Snap Shot: Scan the computer before and after the installations and records the difference between the first scan and second scan.

What is Wrapper MSI?

It means that the Application(MSI) is packaged by calling the exe(executable file ) inside the MSI

What is App Search?

App search action is used to search for existing version of products(files, registry, ini..)

MSI – Locator Tables Group

The Locator Tables group is used to locate files and applications. To search for a file, first determine the file signature and then locate the file. The Locator tables are used to search the registry, installer configuration data, directory tree, or .ini files for the unique signature of a file. The file signature can then be checked in the Signature table to ascertain that a particular file is really the file being sought and not another file with the same name. If a record in a locator table does not contain a key into the Signature table, then the record refers to a directory and not a file.

The location of an application is found by searching for files that make up the application. The installer also provides two tables for searching for previous versions of an application: the AppSearch table and the CCPSearch table.

The following tables make up the Locator tables group and are used to determine the file signature.

● The RegLocator table holds the information needed to search for a file or directory in the registry.

● The IniLocator table holds the information needed to search for a .ini file. The .ini file must be present in the default Microsoft® Windows® directory.

● The CompLocator table holds the information needed to search for a file or a directory using the installer’s configuration data.

● The DrLocator table holds the information needed to search for a file or directory in the directory tree.

● The AppSearch table contains the properties that must be set to the search result of a corresponding file signature.

● The CCPSearch table contains the list of file signatures, at least one of which needs to be present on a user’s computer for the Compliance Checking Program (CCP).

What is use of MSI Assembly tables?

It is used for the registration of .Net Assembly files

Oem (original equipment manufacturer) count

Can be found in C:\Windows\INF\oemXX.inf file. Where XX is a number, keeps on increasing as inf files keep installing on the machine.

Driver packages saves in driver store in C:\Windows\System32\DriverStore\FileRepository

Inf cat PNF and sys files are created

Dpinst /a /se /path and path of inf file

/s or /q: silent

/f: force install if the current driver is not better than the existing one

/sa: suppresses ARP entries for each driver packages

/a: install all or none

/path: search for driver packages under the given path

/SE: suppresses EULA

/SW: suppresses the device installation wizard

- Maximum how many files you can add in msi?

The maximum limit is 32767 files.

difference between hkcu and hku

HKCU is not a "real" subtree, but it represents the Registry portion of the user profile for the user who is currently logged on at the console of a Win2K server or workstation. When a user logs on, the file ntuser.dat is loaded into the Registry under HKU\<SID>. HKCU is an alias that references the location. Changes made to HKU\<SID> are automatically reflected in HKCU because they are the same keys and values.

why do we create mst, if it is a vendor msi source?

MS/vendor will not support if we edit the vendor MSI. This is a best practice.

Number of components per feature: There is a maximum limit of 1600 components per feature using Windows NT. There will be a ICE47 validation warning if your package is above this limit.

What are the disadvantage/drawbacks of MSI?

Resiliency: Resiliency can be inconsistent with repackaged applications because the repackager utility may not fully understand the component dependencies or what the key paths of the application should be. Therefore, an application may be packaged into one large feature that gets entirely reinstalled if a component key path is missing. If it were further broken up into multiple smaller features, it would enable a more manageable resiliency.

Distinguish between a standard and packed GUID

A standard GUID requires 38 characters and contains 5 groups of hexadecimal characters separated by dashes. The valid format for a standard GUID is:

{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}

where X is a hex digit (0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F).

A packed GUID is an alternative representation that allows Windows Installer to reduce the space in the registry database when storing a GUID. A packed GUID requires only 32 characters. Its valid format is:

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

A packed GUID can be obtained by applying a transform to a standard GUID. This transform performs the following operations:

● removes the curly braces and separating dashes from a standard GUID;

● writes the first three groups of hexadecimals characters in a standard GUID in reverse order;

● switches every two characters in the fourth and fifth group in a standard GUID.

Reference Counting: the number of products which have installed a particular component.

The term “Reference Count” ensure applications that share content do not break other shared applications during uninstallation of your products.

If different MSIs use same component, reference count keeps increasing for the component. If one of the MSI is being uninstalled, that component will still stay in the machine with reference count reduced by one. And will ultimately get removed completely when last MSI is removed i.e. ref count reaches value=0.

You should remember that MSI keeps a refcount across MSIs for components with the same component id.

Scenario Based Qs:

Q. How will you come to know that a specific component of a package, is installed on a machine or not, without checking installed files/registries which it was supposed to install.

A. check install verbose log. If the component is installed, you will come to see that component GUID and details of it there.

*Also, in registry hive we can find out that the list of components are installed in hklm\s/w\MS\Windows\CurrentVersion\Installer\UserData\s-1-5-18\Components\ OR in

Hkcr\installer\components\

*requires validation

Example Scenario: During initial installation the TARGETDIT property took on the value of the SOURCEDIR property. Since the SOURCEDIR property was undefined as per MS Installer SDK behavior it defaulted to the ROOTDRIVE property value.

Now, the user who uses this application does not have access to the rootdrive (which is say D:\). So, every time he starts the application, it tries to access D:\ , and since he doesn't have access to D:\ the MSI tries to self-heal. Uninstalling and re-installing using msiexec (msiexec /i setup.msi TARGETDIR="D:\Program Files\test\app") and setting the TARGETDIR property to the actual installation directory (to which the user has access) fixed the issue, and the MSI doesn't try to self-heal again. Now, I was wondering if the “targetdir” parameter is stored anywhere (say, in the registry) where it can be edited on the fly without the need for re-installation.

Q. If a component is kept as “Permanent”, how does the computer comes to know that it should not be removed during uninstall?

A. This means that the component attribute contains a binary bitmask value of 16 or msidbComponentAttributesPermanent.

Q. Why same resource cannot be shared between two components? What will be the issue?

A. It is illegal that the same resource is part of more than one component since this would break the refcount mechanism. Lets illustrate this:

Feature	ComponentId	Resource	Reference Count
Feature1	{1000-…}	File1.txt	1
Feature2	{2000-….}	File1.txt	1

The installation part works well but what happens when you uninstall Feature2? Component {20000…} gets a refcount of zero where MSI deletes all resources belonging to this component.

Difference between run, run once and active setup?

The differences between RO and AS are little. They can essentially perform the same tasks;run something once per user. One big difference between them is that AS retains what has been executed in the users regkey, where the RO does not. So unless your ation is setup to create a log file, you don't have a log file to quickly check if something was executed, and if it failed or not.

run: command runs every time
runonce: command runs one time and the registry is then removed
active setup: runs one time per user logging in, can be configured to run once again by increasing the version value

Active Setup is better for deployment purposes because you can see what has been executed by looking to the registry. RunOnce on the other hand, removes itself after it executes so there is no inherent record of it.

Run:

The Run key is processed after every logon, either by the Explorer shell, if it is present, or by First Boot Agent (FBA), if a custom shell, Command shell, or Task Manager Shell is used. If FBA processes this key, it does so after every logon, not during first boot as it normally would. Typically, this flag is used to load Systray applications, launch services in executables, hide autostart applications, or hide background processes

Run Once:

The RunOnce key is processed only once, by FBA, after Plug and Play device enumeration and DLL registration processing have completed. The values of this registry key are deleted from the registry after it is processed, so that it will not run again. Typically, this flag is used when a reboot is required, such as for a DLL or OCX registration, or for cleaning up a setup or an uninstall.

The Windows registry includes the following four Run keys:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

The data value for a value is a command line.

There are some special considerations for the third and fourth keys in the list, the RunOnce keys:

1. By default, Run keys are ignored when the computer starts in Safe mode. Under the RunOnce keys, you can prefix a value name with an asterisk (*) to force the associated program to run even in Safe mode.

2. You can prefix a RunOnce value name with an exclamation point (!) to defer deletion of the value until after the command runs.

3. Without the exclamation point prefix, a RunOnce value is deleted before the command runs. As a result, if a RunOnce operation does not run properly, the associated program is not asked to run the next time you start the computer.

an application must not continually re-create entries under RunOnce. Doing so will interfere with Windows Setup.

How to practically install a patch of single file addition, where msi is already installed across org?

Create msi adding the new file, with same prod code but different package code and put REINSTALLMODE as “vomus” in Property Table and REINSTALL=ALL in CMD.

Where v asks installer to run from source and not from local cache, hence it does not repair/modify/change but installs the patch only.

What to change in msi if we need to copy install files in another location (example changing file location c:\windows\A to C:\windows\B in windows directory?

TARGETDIR*

*requires validation

How to advertise a feature/product?

ADVERTISE property

The value of the ADVERTISE property is a list of features delimited by commas that are to be advertised. The features must be present in the Feature column of the Feature table. To install all features as advertised, use ADVERTISE=ALL on the command line. Do not enter ADVERTISE=ALL into the Property table because this generates an advertised package that cannot be installed or removed.

How to skip set of components from getting installed in a package?

Either delete those components or remove the GUID of those components. *

*validation required

How many application entry points are available?

Entry points allow Windows Installer to proxy the startup of an application and
perform application management tasks before the user is allowed to access the application. In
other words, when you double-click the icon for a Windows Installer packaged software
application, it does not actually attempt to start the application directly. The icon is a special icon
that asks Windows Installer to find the software application and start it. This is when Windows
Installer can use the MSI repository information, the installed application resources (files,
registry keys, and so on), and the original package file to perform the magic of self-healing and
install on demand.

An entry point/advertised interface can
be:

• A shortcut (special Windows Installer shortcut)
• A document extension (association)
• A MIME type (Internet document types)
• A Class ID (CLSID)—Programmatic identities used for sharing software within and
between various applications

I can change My Document folder,My Favorites,Start Menu?

Use Registry entry

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders

Then change path you want to change and Log off or Restart machine to view changes

Self Healing:

Q. When I try to run the MSI on a Windows 7 install, I'm getting:
The install cannot continue because a system reboot is pending

How can I resolve this issue?

Open msi in Installshield
Click General Information
Open Install Condition in the left screen (click on the + sign)
Remove the MsiSystemRebootPending<>1 (red cross)

Packaging Stuffs

Search This Blog