- Windows Installer
Default window (after running msiexec.exe)
Original author(s) Microsoft Stable release 5.0 Operating system Windows Type Installer License Proprietary
The Windows Installer (previously known as Microsoft Installer) is a software component used for the installation, maintenance, and removal of software on modern Microsoft Windows systems. The installation information, and often the files themselves, are packaged in installation packages, loosely relational databases structured as OLE COM Structured Storages and commonly known as "MSI files", from their default file extension. Windows Installer contains significant changes from its predecessor, Setup API. New features include a GUI framework and automatic generation of the uninstallation sequence. Windows Installer is positioned as an alternative to stand-alone executable installer frameworks such as older versions of InstallShield and Wise (later versions of both products are based on Windows Installer) and NSIS.
Microsoft encourages third parties to use Windows Installer as the basis for installation frameworks, so that they synchronize correctly with other installers and keep the internal database of installed products consistent. Important features such as rollback and versioning depend on a consistent internal database for reliable operation. Furthermore, Windows Installer facilitates the principle of least privilege by performing software installations by proxy for unprivileged users.
- 1 Logical structure of packages
- 2 Setup phases
- 3 Other features
- 4 Developing installer packages
- 5 ICE validation
- 6 Versions
- 7 Tools
- 8 See also
- 9 References
- 10 External links
Logical structure of packages
A package describes the installation of one or more full products (Windows Installer does not handle dependencies between products) and is universally identified by a GUID (the PackageCode property). A product is made up of components, grouped into features.
A single, installed, working program (or set of programs) is a product. A product is identified by a unique GUID (the ProductCode property) provides an authoritative identity throughout the world. The GUID, in combination with the version number (ProductVersion property) allow for release management of the software's files and registry keys. A product is not the same as a package: a package is identified by a unique GUID (stored in the Summary Information Stream) and provides identity and release management for all the contents of the .MSI file. Release management of a Product pertains only to changes in the files and registry keys that make up a software application. Release management of a package includes the package logic and other meta data that relates to how the package executes when running. For example, changing an EXE in the software application may require the ProductCode and/or ProductVersion to be changed for release management of the software application. Only adding a launch condition (with the software application remaining exactly the same as the previous version) would still require the PackageCode to change for release management of the .MSI file itself.
A feature is a hierarchical group of components—a feature can contain any number of components and other features (a feature contained in another feature is called a "subfeature"). Many software packages only involve one feature. More complex installation programs usually display a "custom setup" dialog box at run time, from which the end user can select which features to install or remove.
The package author defines the product features. A word-processing program, for example, might provide features for the main program executable, the program's help files, and optional spelling checker and stationery modules.
A component is the atomic part of a product—each component is treated by Windows Installer as a unit: the install developer cannot, for example, use a condition to specify to install just part of a component. Components can contain files, directories, COM components, registry keys, shortcuts, and other data. The end user does not directly interact with components.
Components are identified globally by GUIDs, thus the same component can be shared among several features of the same package or multiple packages, ideally through the use of Merge Modules (although, for this to work correctly, different components should not share any sub-components).
A key path is a specific file, registry key, or ODBC data source that the package author specifies as critical for a given component. Because a file is the most common type of key path, the term key file is commonly used. A component can contain at most one key path; if a component has no explicit key path, the component's destination directory is taken to be the key path. When an MSI-based application is launched, Windows Installer checks the existence of these critical files or registry keys (that is, the key paths). If there is a mismatch between the current system state and the value specified in the MSI package (e.g., a key file is missing), then the related feature is re-installed. This process is also known as self-healing or self-repair. No two components should use the same key path.
The user interface phase typically queries the target system and displays an installation wizard and enables the user to change various options that will affect the installation.
However, the user interface sequence should not make any changes to the system. Three reasons for this are as follows.
- A user can install an MSI package in quiet mode, bypassing this phase entirely, by running the msiexec.exe command-line utility with the /qn (or /qb or /qr) option and specifying on the command line all the information that the wizard would normally gather. Therefore, any actions that occur in the user interface sequence will not be performed during a silent installation.
- Similarly, clicking the Remove button in the Add or Remove Programs panel runs a product's uninstaller with a basic user interface, again with the result that any actions that occur in the user interface sequence will not be performed.
- Actions that make system changes should not be scheduled in the user interface sequence as the user interface sequence runs with user privileges, and not with elevated privileges, as described in the following section.
Actions in the user interface sequence of a normal installation are defined in the InstallUISequence table. Similarly, there is an AdminUISequence in which can be placed dialog boxes and actions to display and perform from within an administrative installation wizard.
When the user clicks the Finish or Install button in a typical MSI installation wizard, installation proceeds to the Execute phase, in which software components are actually installed. The Execute phase makes system changes, but does not display any user-interface elements.
Execute phase happens in two steps:
Immediate mode. In this phase, Windows Installer receives instructions, either from a user or an application, to install or uninstall features of a product. The requests cause the execution of sequences of actions, which query the installation database to build an internal script describing the execution phase in detail.
Deferred mode. In this phase, the script built in immediate mode is executed in the context of the privileged Windows Installer service (specifically, the LocalSystem account). The script must be executed by a privileged account because of the heterogeneity of the scenarios in which a setup operation is initiated—for example, elevated privileges are necessary to serve on-demand installation requests from non-privileged users. (In order to run with elevated privileges, however, the package must be deployed by a local administrator or advertised by a system administrator using Group Policy.)
Execute sequence actions for a normal installation are stored in the InstallExecuteSequence table. An MSI database can also contain AdminExecuteSequence and AdvtExecuteSequence tables to define actions to perform for administrative and advertised installations.
All installation operations are transactional. For each operation that Windows Installer performs, it generates an equivalent undo operation that would undo the change made to the system. In case any script action fails during deferred execution, or the operation is cancelled by the user, all the actions performed until that point are rolled back, restoring the system to its original state. Standard Windows Installer actions automatically write information into a rollback script; package authors who create custom actions that change the target system should also create corresponding rollback actions (as well as uninstallation actions and uninstallation-rollback actions). As a design feature, if applied correctly this mechanism will also rollback a failed uninstall of an application to a good working state.
Windows Installer can advertise a product rather than actually installing it. The product will appear installed to the user, but it will not actually be installed until it is run for the first time by triggering an entry point (by means of a Start menu shortcut, by opening a document that the product is configured to handle, or by invoking an advertised COM class). A package can be advertised by an administrator using Group Policy or other deployment mechanism, or by running the msiexec executable with the /jm (for per-machine advertisement) or /ju (for per-user advertisement) switch. It should also be noted that some MSI packages authored in Installshield may prevent the use of these and other Native MSI features.
The user must have administrator privileges to complete the advertised installation; in most workplaces, end users are not administrators and this method of distribution will fail. Microsoft created a workaround via Group Policies to "Elevate user privileges" during MSI installations. This is often seen by system administrators as compromising security since any MSI would automatically gain administrator privileges.
Installation on demand
Similar to advertisement, it consists in the installation of features as soon as the user tries to use them.
An administrative installation creates an uncompressed source image for a product, typically to be used for installing or running an application from a network location. An administrative installation is not a typical installation, in that it does not create any shortcuts, register COM servers, create an Add or Remove Programs entry, and so on. Often an administrative installation enables a user to install the product in such a way that its features run from the uncompressed installation source.
Administrative installations are also useful when creating a Windows Installer patch, which requires uncompressed images of the earlier and current versions of a product in order to compute binary file differences. An administrative installation is performed by running the msiexec executable with the /a switch.
The developer of an installer package may write code to serve their own purpose, delivered in a DLL. This can be executed during the installation sequences, including when the user clicks a button in the user interface, or during the InstallExecuteSequence. Custom Actions typically validate product license keys, or initialise more complex services. Developers should normally provide inverse custom actions for use during uninstallation.
Msiexec provides a way to break after loading a specified custom action DLL but before invoking the action.
Merge modules and nested executables
A Windows Installer package may contain another package to be installed at the same time. These are ideally provided as a .msm file component, but may also be a separate executable program which will be unpacked from the installer package during the InstallExecuteSequence and can be run immediately. The file can then optionally be deleted before the end of the InstallExecuteSequence, and so is ideal for using with older installers.
Windows Installer allows applications to run directly from a network share, without the need for a local copy (run from source); it can repair broken installations by restoring damaged or deleted files, registry entries and application shortcuts; it supports per-user installation of applications; it can resolve component identifiers into paths, allowing applications to avoid hard-coded file paths; and it natively supports patches (.msp files made out of patch creation properties) and other customizations of packages through manipulations (transforms or .mst files) of a package's relational database. Version 2.0 onwards, it supports digital signatures and version 3.0 onwards, delta compression for patches.
It is also unique among installation software frameworks for Windows in that it is highly transparent. The full API and all command-line options are documented; packages are freely viewable and editable, both with free tools and programmatically (as opposed to the proprietary and even weakly encrypted packages of InstallShield); and the format for file archives is the well documented cabinet file format.
File extraction only
Individual files can be extracted from an .MSI file without carrying out a full installation, either by using the Installer with an appropriate command line  or by certain third-party software such as 7-zip. NOTE: Not all files can be extracted using these methods such as different version of a file getting installed based on option will fail to be properly extracted
Windows Installer 4.0, which was shipped with Windows Vista, incorporates new capabilities to take advantage of Vista's User Account Control architecture. MSI packages can be marked as not requiring elevated privileges to install, thus allowing a package to install without prompting the user for Administrator credentials (provided that the installation does not write to any areas that a regular user does not have access to, including Program Files). Windows Installer also works in conjunction with the Restart Manager; when installing or updating an application or system component with "full" user interface mode, the user will be displayed a list of affected applications that can be shut down, and then restarted after files have been updated. Installer actions running in silent mode perform these application restarts automatically. System services and tray applications can also be restarted in this manner.
Developing installer packages
Creating an installer package for a new application is non-trivial. It is necessary to specify which files must be installed, to where, with what registry keys. Any non-standard operations can be done using Custom Actions, which are typically developed in DLLs. There are a number of commercial and freeware products to assist in creating MSI packages, including Visual Studio, InstallShield, Installaware, Wise Installer, Advanced Installer and WiX. To varying degrees, the user interface and behaviour in less common situations such as unattended installation, may be configured. Once prepared, an installer package is "compiled" by reading the instructions and files from the developer's local machine, and creating the .msi file.
The user interface (dialog boxes) presented at the start of installation can be changed or configured by the setup engineer developing a new installer. There is a limited language of buttons, textfields and labels which can be arranged in a sequence of dialogue boxes. An installer package should be capable of running without any UI, for what is called "unattended installation".
Microsoft provides a set of Internal Consistency Evaluators, or ICEs, that can be used to detect potential problems with an MSI database. The ICE rules are combined into CUB files, which are stripped-down MSI files containing custom actions that test the target MSI database's contents for validation warnings and errors. ICE validation can be performed with the Platform SDK tools Orca and msival2, or with validation tools that ship with the various authoring environments.
For example, some of the ICE rules are:
- ICE09: Validates that any component destined for the System folder is marked as being permanent.
- ICE24: Validates that the product code, product version, and product language have appropriate formats.
- ICE33: Validates that the Registry table is not used for data better suited for another table (Class, Extension, Verb, and so on).
Addressing ICE validation warnings and errors is an important step in the release process.
Version Included with Also available for 1.0 Office 2000 1.1 Windows 2000 RTM, SP1, SP2 Windows 95/98
Windows NT 4.0 SP6
1.2 Windows Me 2.0 Windows XP RTM, SP1
Windows 2000 SP3, SP4
Windows Server 2003 RTM
Windows NT 4.0 SP6
Windows 2000 RTM, SP1, SP2
3.0 Windows XP SP2 Windows 2000 SP3, SP4
Windows XP RTM, SP1
Windows Server 2003 RTM
3.1 Windows XP SP3
Windows Server 2003 SP1, SP2
Windows XP Professional x64 Edition RTM, SP2
Windows 2000 SP3, SP4
Windows XP RTM, SP1, SP2
Windows Server 2003 RTM
4.0 Windows Vista RTM, SP1
Windows Server 2008 RTM
4.5 Windows Vista SP2
Windows Server 2008 SP2
Windows XP SP2, SP3
Windows Server 2003 SP1, SP2
Windows XP Professional x64 Edition RTM, SP2
Windows Vista RTM, SP1
Windows Server 2008 RTM
5.0 Windows 7 RTM
Windows Server 2008 R2 RTM
To check which version is currently installed, type
msiexec /?into the Windows
Runbox or command prompt.
Name Description License Microsoft Visual Studio Microsoft Visual Studio is capable of building Windows Installer Deployment projects that can create installer packages. Proprietary software InstallShield Proprietary software InstEdit "InstEd is a Free msi editor built for professionals." Paid version with more features available also. Freeware Wise Installer Proprietary software WiX WiX (Windows Installer XML) is a free software set of tools that helps build a Windows Installer packages from an XML document. It can be either used from command-line or integrated into Microsoft Visual Studio. SharpDevelop has a nice implementation for creating MSI packages using WIX Common Public License IsWiX Industrial Strength Windows Installer XML ( IsWiX ) is a document editor based on the Fireworks Application Framework. IsWiX enables non-setup developers to collaborate with setup developers using WiX projects. Microsoft Public License (Ms-PL) 7-Zip 7-Zip is a multipotent open source file archiver utility, and can extract the contents of MSI files. GNU Lesser General Public License
- List of installation software
- Windows Installer CleanUp Utility
- ZAP File - a way to perform an Application Installation when no MSI File exists.
- ^ when setup isn't just xcopy
- ^ Rollback Installation
- ^ Advertisement
- ^ Installation-On-Demand
- ^ Administrative Installation
- ^ Extracting files from an .MSI file from the command line
- ^ How to extract MSI files from the command line/prompt in Windows XP/Vista/7
- ^ Internal Consistency Evaluators - ICEs
- ^ Released Versions of Windows Installer
- ^ What's New in Windows Installer 4.5
- ^ 
- ^ "Windows Installer Deployment". Microsoft Developers Network (MSDN) Library. Microsoft Corporation. August 2008. http://msdn.microsoft.com/en-us/library/2kt85ked.aspx. Retrieved 1 October 2009. "Windows Installer deployment enables you to create installer packages to be distributed to users; the user runs the setup file and steps through a wizard to install the application."
- ^ "Windows Installer Tools & Tips". InstallSite Stefan Krueger. http://installsite.org/pages/en/msi/tips.htm#7zip. Retrieved 19 November 2009.
- Windows installer start page
- Windows Installer Team Blog at MSDN.
- InstallSite.org "Resources for Setup Developers": This site publishes a useful released MSI version matrix.
- Windows Installer 4.5 Software Development Kit standalone version, XP & Vista
- Windows Installer 5.0 Software Development Kit standalone for 5.0 not available, only the version integrated with Windows 7 SDK
- MSI frequently asked questions
Windows command line programs and built-ins (more) File system
Processes Registry User environment Text processing Shell programming Networking Searchingfind · findstr · where Miscellaneous Archive formats Archiving only Compression only Archiving and compression Software packaging and distribution Document packaging and distribution
Wikimedia Foundation. 2010.