UAC in MSI Notes: Just Like Managed Installs
This is the forth in a series of notes about UAC in MSI. Per the earlier caveat, these are just my notes and not an official position from the Windows Installer team. The previous entries, I
- Introduced the series
- Introduced my view of the root problem
- Introduced the conflicting per-user definition
This entry will talk about the second hurdle for me in thinking about UAC support in MSI as understanding the term managed install.
Before I joined the Windows Installer team, I didn't know much about the semantics of what a managed install meant other than knowing how not to break it. The art in Carolyn's design of UAC in MSI is the observation that: it's just like managed installs. I had to catch up quick. ;^)
More History of Setup (or perhaps just setup mythology ;^)
As I’d mentioned in an earlier post, the late 1990’s experienced an explosion of scenarios involving corporations. With the popularity of Windows 9x machines in corporations, the costs of owning PCs were not scaling. Support calls for users doing whacky things to their personal machine were draining Information Technology (IT) budgets everywhere. Windows embraced numerous initiatives, such as Zero Administration Windows (ZAW) and Total Cost of Ownership (TCO), were invented to drive down corporations cost of running Windows based infrastructure.
Ready to meet the corporate customer demand for improved corporate cost structure was a new operating system from Dave Cutler: Windows NT. Windows NT introduced to the Windows family the capacity to run a service in a different security context than the user logged into the machine. This facility enabled appropriately written software to run even if the user’s rights had been significantly restricted by an administrator. The convention of restricting user’s rights to cut costs is called lockdown.
Lockdown was a compelling because it drove up productivity, drove down IT costs, and increased security all in one fell swoop. Though locked down systems had many benefits, these mechanisms also prevented conventional script based software installations. In a response to the need to install software in a lockdown environment, Windows Installer was written to run as a service on Windows NT based systems. The Windows Installer service with Local System privileges that thereby enabled installs to succeed even if the user’s rights were restricted.
Managed Install Definition I Use
The concept of a Managed install is the capacity to bless an application as having permissions to be installed even on a lockdown system was created. Installation of an application where the administrator has provided permission to run is called a Managed install. The Managed Install facility has helped drive Windows Installer based installs to be the de facto standard for corporate software installation.
Art of UAC Support in MSI
I can't count the number of times Carolyn started to explain the UAC Support in MSI as: it's just like group policy support for managed installs. For those with Group Policy (or Group Policy like) infrastructure, UAC support should look just like the experience you know. For those of you unfamiliar with Group Policy based software distribution, you should feel confident this code path is well exercised by generations of corporate management infrastructures.