http://www.mail-archive.com/wix-devs@lists.sourceforge.net/msg01483.html
I found the above link gave an account regarding the issue that WIX is not able
to conditional ACL a folder using <permission> in a <component>,e.g.,
<Folder >
<Component >
<CreateFolder>
<Condition>...</Condition>
<Permission>
.....
</Permission>
</CreateFolder
</Component> .
</Folder>
I bumped into a similar issue:
<Directory Id='d_LogFiles' Name='LogFiles'>
<Component Id='c_LogFiles'
Guid='CCF15E9E-5356-46A6-9D9E-76ABFFC11144'>
<CreateFolder>
<Permission User='[ADMINISTRATORS]' Extended='no'
GenericAll='yes' />
<Permission User='[NETWORKSERVICE_ACCOUNT]' Extended='no'
GenericAll='yes' />
</CreateFolder>
</Component>
<Component Id='c_LogFilesForConsoleOnly'
Guid='0F3D51F0-AA81-4BE3-94FB-12425D611CAC'>
<CreateFolder>
<Permission User='[USERS]' Extended='no' GenericRead='yes'
GenericExecute='yes'/>
</CreateFolder>
</Component>
<Component Id='c_LogFilesForFullInstallOnly'
Guid='8B6ABC17-7A6F-401c-9DDB-67DBB3799D6D'>
<CreateFolder>
<Permission User='[WUS_ADMINISTRATORS]' Extended='yes'
GenericAll='yes' />
<Permission User='[WSUS_REPORTERS]' Extended='yes'
GenericRead='yes' GenericExecute='yes'/>
</CreateFolder>
</Component>
</Directory>
The component 'c_LogFiles', 'c_LogFilesForConsoleOnly' and
'c_LogFilesForFullInstallOnly' belong to different <feature>.
That are conditinally switched on/off. The [WUS_ADMINISTRATORS] and
[WSUS_REPORTERS] are conditionally created also.
When installing with console only option, the LogFilesForFullInstallOnly' is
switched off, and [WUS_ADMINISTRATORS] [WSUS_REPORTERS] are not to be created.
Therefore, shouldn't the SID checking for those group be skipped? Yet I got the
following errors:
ExecSecureObjects: Error 0x80070534: failed to get sid for account: WSUS
Administrators -they should not be created nor should the SID for that group be
checked accordingly.
Note here I set Extended='yes" (in order to avoid using LockPermission table)
for the two security groups [WUS_ADMINISTRATORS], [WSUS_REPORTERS] as they are
not pre-existent users, while LockPermission table requires the user exists
beforehand.
Actually my earlier test even showed that with the Extended='yes' set for
[NETWORKSERVICE_ACCOUNT], the following errors will be generated:
ExecSecureObjects: Error 0x80070534: failed to get sid for account: NT
AUTHORITY\NETWORK SERVICE
I am not sure if the WIX can recognize the sid for network services by now in
ExecSecureObjects
Thanks,
Fei
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
WiX-users mailing list
WiX-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wix-users
