I looked at this the other day. I admit Im not an encryption expert in any way but DPAPI didnt seem to be appropriate. The DPAPI's encryption seems to be tied to the login of the user, so for a per-machine installation I dont think it would work if the installing and maintaining users were different. There is a sort of "per-machine mode" for the API but any process on the machine can read any data that is encrypted in this mode. Am I wrong to discount it ? Its certainly easier to use than the alternatives.
-----Original Message----- From: Rob Mensching [mailto:r...@wixtoolset.org] Sent: 26 June 2009 09:16 To: General discussion for Windows Installer XML toolset. Subject: Re: [WiX-users] Windows service and minor upgrade. You have to keep it yourself. I like using the registry in this case but you are right, you need to encrypt the password. DAPI is a pretty good way to do that. Used to have a CustomAction that would encrypt any given property... don't know what happened to that code. Fiorillo Nicola wrote: > Thank you Rob for you answer. > Yes, it makes sense that these properties are lost after installation. In the MSI log made during update there are no signs about them. It is reasonable. > In this case should I keep these info by myself? E.g. in the registry? > Should I keep user/password in some way? Honestly I'm not convinced for a lot of "security" reasons... > By the way, account information are not removed from the system: during upgrade, it substitutes the executable but user/pwd info are still in the service configuration (I can see them in the Services list). > I supposed that during upgrade only executable should be updated, nevertheless service is not "uninstalled" but only stopped. > > Yes, it seems that the service is "uninstalled" but still "visible" in services list for some reasons I'm ignoring. > Some checks should I do in the log? > > Thank you, > Nic > > --- > On Fri, 6/12/09, Rob Mensching <r...@wixtoolset.org> wrote: > > >> From: Rob Mensching <r...@wixtoolset.org> >> Subject: Re: [WiX-users] Windows service and minor upgrade. >> To: "General discussion for Windows Installer XML toolset." >> <wix-users@lists.sourceforge.net> >> Date: Friday, June 12, 2009, 6:36 PM >> It looks like your repair/minor >> upgrade is replacing the good values >> with blanks. Which makes sense. The verbose log file should show you >> the value for those properties. If you don't remember them they'll be >> lost. >> >> Fiorillo Nicola wrote: >> >>> Dear all, >>> In my wix configuration file I install a windows >>> >> service given account information through the GUI and filling some >> properties (SERVICE_DOMAIN, SERVICE_USERNAME, and SERVICE_PASSWORD). >> Here the snippet: >> >>> <Component Id="InstallService" >>> >> Guid="963a08e5-73dd-4607-c705-2036c4124eab"> >> >>> <File Id="Abba.exe" >>> >> Source="$(var.PATH)/Abba.exe" >> KeyPath="yes"></File> >> >>> <ServiceInstall >>> Id="Abba" >>> Type="ownProcess" >>> Vital="yes" >>> Name="Abba" >>> DisplayName="Abba" >>> Description="Abba Service" >>> Start="auto" >>> >>> >> Account="[SERVICE_DOMAIN]\[SERVICE_USERNAME]" >> >>> Password="[SERVICE_PASSWORD]" >>> ErrorControl="normal" >>> Interactive="no" /> >>> <ServiceControl >>> Id="Abba" >>> Name="Abba" >>> Remove="uninstall" >>> Start="install" >>> Stop="both" >>> Wait="yes" /> >>> </Component> >>> >>> It works fine for install and uninstall. >>> My problem is that when I have to update the package >>> >> (a minor upgrade with msiexec /i "Abba.msi" REINSTALL=ALL >> REINSTALLMODE=vomus) the service is stopped correctly, the service >> executable substituted but not restarted due to "incorrect >> privileges". >> >>> At that moment I can see that service is installed but >>> >> stopped (as I expected) and account info untouched but there are >> problem to restart it... (of course if I reinstall the new package >> from scratch, it works fine). >> >>> I supposed that my account properties are not kept but >>> >> service is not completely uninstalled so service account information >> are not lost. >> >>> MSI log created during upgrade says useless >>> >> information: >> >>> MSI (s) (90:5C) [18:08:45:732]: Executing op: >>> >> ServiceInstall(Name=Abba,DisplayName=Abba,ImagePath="C:\Program >> Files\Abba.exe",ServiceType=16,StartType=2,ErrorControl=32769,,,,Star >> tName=\,Password=**********,Description=Abba >> Service) >> >>> MSI (s) (90:5C) [18:08:45:732]: Note: 1: 2205 2: >>> >> 3: Error >> >>> ... >>> >>> Can someone give me a tip on this, please? >>> >>> Thanks, >>> Nic >>> >>> >>> >>> >>> >>> >> --------------------------------------------------------------------- >> --------- >> >>> Crystal Reports - New Free Runtime and 30 Day Trial Check out the >>> new simplified licensing option that >>> >> enables unlimited >> >>> royalty-free distribution of the report engine for >>> >> externally facing >> >>> server and web deployment. >>> http://p.sf.net/sfu/businessobjects >>> _______________________________________________ >>> WiX-users mailing list >>> WiX-users@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/wix-users >>> >>> >> --------------------------------------------------------------------- >> --------- Crystal Reports - New Free Runtime and 30 Day Trial Check >> out the new simplified licensing option that enables unlimited >> royalty-free distribution of the report engine for externally facing >> server and web deployment. >> http://p.sf.net/sfu/businessobjects >> _______________________________________________ >> WiX-users mailing list >> WiX-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/wix-users >> >> > > > > > ---------------------------------------------------------------------- > -------- Crystal Reports - New Free Runtime and 30 Day Trial Check out > the new simplified licensing option that enables unlimited > royalty-free distribution of the report engine for externally facing > server and web deployment. > http://p.sf.net/sfu/businessobjects > _______________________________________________ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users > ------------------------------------------------------------------------ ------ _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users SDL PLC confidential, all rights reserved. If you are not the intended recipient of this mail SDL requests and requires that you delete it without acting upon or copying any of its contents, and we further request that you advise us. SDL PLC is a public limited company registered in England and Wales. Registered number: 02675207. Registered address: Globe House, Clivemont Road, Maidenhead, Berkshire SL6 7DY, UK. ------------------------------------------------------------------------------ _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
