Thanks Jacob and Blair By changing the custom-action attribute to Impersonate="no" from "yes" is resolved my issue. But Signing the MSP is very important thing for patch installation.
I am not able to sign the msp as Jacob suggested, because I unable to add the PatchCertificates to my patch.wxs. I followed the below steps for signing MSI and MSP: 1. Signed the MSI by giving the below post build event. <PostBuildEvent>"C:\Program Files\Microsoft SDKs\Windows\v6.0A\bin\signtool.exe" sign /f $(SolutionDir)\xxx.pfx /p xxxxxx /t http:// http://timestamp.digicert.com /v $(ProjectDir)\bin\$(ConfigurationName)\en-US\xxx.msi</PostBuildEvent> 2. Signing the MSP by giving the same postbuild event as above, Then the MSP is digitally signature by seeing it from properties. But MsiPatchCertificate table is not coming. I missed something, So MsiPatchCertificate table is not coming. Regards, Srinivas. On Wed, Jun 26, 2013 at 2:01 PM, David Watson <dwat...@sdl.com> wrote: > What Jacob suggests works, we have been using it for several years, if the > certificate is in the original msi and it and the patch are signed by the > same certificate then you do not need to elevate to install. > > It's fun when the certificate expires though as you need to use a hotfix to > deliver the new certificate which is signed by the old certificate before > it > expires so you can then sign by the new certificate in future patches. > > -----Original Message----- > From: Blair Murri [mailto:os...@live.com] > Sent: 26 June 2013 06:53 > To: General discussion for Windows Installer XML toolset. > Subject: Re: [WiX-users] Require admin rights to msp > > I believe so. Please test and report back (I'd like confirmation either > way). > > > Date: Wed, 26 Jun 2013 02:11:19 +0530 > > From: chentala.srini...@gmail.com > > To: wix-users@lists.sourceforge.net > > Subject: Re: [WiX-users] Require admin rights to msp > > > > Hi, > > > > The actual requirement is > > I have a msi which is having elevated rights(InstallPrivileges > > ="elevated", Privileged Launched condition and digitally signed). > > > > And simply created the patch by following the Link: > > http://wix.sourceforge.net/manual-wix2/patch_building.htm with out > > adding signing or any additional things, This is working sucessfully > > in all machine except the machines having UAC on. If we run the msp > > through AdminCommandPrompt it works fine(executing Impersonate="yes" > > customactions) on UAC-ON machine also. > > > > Signing the msp is the solution for this problem? > > > > Regards, > > Srinivas. > > > > On Tue, Jun 25, 2013 at 11:24 PM, Blair Murri <os...@live.com> wrote: > > > > > Method #2 - apply from an elevated command prompt. > > > > > > I'm a little unclear about the requirement. If the MSI requires > > > elevation, any applied MSP will prompt for elevation as needed and > > > all non-impersonated in-script actions will run elevated (same as > > > the MSI, adding an MSP doesn't change how that works). > > > > > > If the original MSI doesn't require elevation and the MSP introduces > > > that requirement (due to some new thing its doing) then LUA patching > > > won't accommodate that requirement. You really should use a major > > > upgrade (and possibly a bootstrapper that gives you a working > > > upgrade path) to replace that original MSI. > > > > > > Blair > > > > > > > From: jacob.hoo...@greenheck.com > > > > To: wix-users@lists.sourceforge.net > > > > Date: Tue, 25 Jun 2013 17:10:15 +0000 > > > > Subject: Re: [WiX-users] Require admin rights to msp > > > > > > > > Digitally sign the original MSI, include the public cert in the > > > MsiPatchCertificate table, and then sign the MSP with the same > certificate. > > > > > > > > <PatchCertificates> > > > > <DigitalCertificate Id="MyCompany" SourceFile="MyCompany.cer"/> > > > > </PatchCertificates> > > > > > > > > And in the wixproj, > > > > > > > > <Target Name="SignCabs" DependsOnTargets="UsesSignTool"> > > > > <Exec Command=""$(SignToolPath)" sign /t > > > http://timestamp.digicert.com /a "%(SignCabs.FullPath)"" > > > /> > > > > </Target> > > > > > > > > <Target Name="SignMsi" DependsOnTargets="UsesSignTool"> > > > > <Exec Command=""$(SignToolPath)" sign /d "My > > > > App > > > Setup" /t http://timestamp.digicert.com /a > > > "%(SignMsi.FullPath)"" /> > > > > </Target> > > > > > > > > I use custom logic to detect the location of SignTool, but that > > > > should > > > get you started. Note, group policy can still disable LUA patching. > > > > > > > > -----Original Message----- > > > > From: chintala srinivas [mailto:chentala.srini...@gmail.com] > > > > Sent: Tuesday, June 25, 2013 11:53 AM > > > > To: General discussion for Windows Installer XML toolset. > > > > Subject: [WiX-users] Require admin rights to msp > > > > > > > > Hi, > > > > > > > > I have a patch(.msp) file which will works fine only if it runs > > > > from > > > administrative command prompt on UAC on machine. > > > > Can anyone please let me know how to give admin privileges to .msp. > > > > > > > > Regards, > > > > Srinivas. > > > > > > > -------------------------------------------------------------------- > > > ---------- > > > > This SF.net email is sponsored by Windows: > > > > > > > > Build for Windows Store. > > > > > > > > http://p.sf.net/sfu/windows-dev2dev > > > > _______________________________________________ > > > > WiX-users mailing list > > > > WiX-users@lists.sourceforge.net > > > > https://lists.sourceforge.net/lists/listinfo/wix-users > > > > > > > > > > > -------------------------------------------------------------------- > > > ---------- > > > > This SF.net email is sponsored by Windows: > > > > > > > > Build for Windows Store. > > > > > > > > http://p.sf.net/sfu/windows-dev2dev > > > > _______________________________________________ > > > > WiX-users mailing list > > > > WiX-users@lists.sourceforge.net > > > > https://lists.sourceforge.net/lists/listinfo/wix-users > > > > > > > > > -------------------------------------------------------------------- > > > ---------- This SF.net email is sponsored by Windows: > > > > > > Build for Windows Store. > > > > > > http://p.sf.net/sfu/windows-dev2dev > > > _______________________________________________ > > > WiX-users mailing list > > > WiX-users@lists.sourceforge.net > > > https://lists.sourceforge.net/lists/listinfo/wix-users > > > > > ---------------------------------------------------------------------- > > -------- This SF.net email is sponsored by Windows: > > > > Build for Windows Store. > > > > http://p.sf.net/sfu/windows-dev2dev > > _______________________________________________ > > WiX-users mailing list > > WiX-users@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/wix-users > > > ----------------------------------------------------------------------------- > - > This SF.net email is sponsored by Windows: > > Build for Windows Store. > > http://p.sf.net/sfu/windows-dev2dev > _______________________________________________ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users > SDL PLC confidential, all rights reserved. > If you are not the intended recipient of this mail SDL requests and > requires that you delete it without acting upon or copying any of its > contents, and we further request that you advise us. > SDL PLC is a public limited company registered in England and Wales. > Registered number: 02675207. > Registered address: Globe House, Clivemont Road, Maidenhead, Berkshire SL6 > 7DY, UK. > > > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by Windows: > > Build for Windows Store. > > http://p.sf.net/sfu/windows-dev2dev > _______________________________________________ > WiX-users mailing list > WiX-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wix-users > ------------------------------------------------------------------------------ This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
