WIX创建用户并使用他来授予文件夹权限

Question

我需要创建安装程序，该安装程序会创建新的本地用户，新文件夹并为该用户提供完全权限。

我在下面使用Visual Studio 2010和Wix 3.10的新wix项目创建了一个小测试：

<?xml version="1.0" encoding="UTF-8"?>
<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi"
     xmlns:util="http://schemas.microsoft.com/wix/UtilExtension">
    <Product Id="*" Name="SetupProject1" Language="1033" Version="1.0.0.0" Manufacturer="DG" UpgradeCode="85e3204f-c872-4229-bb75-fa5231863a75">
        <Package InstallerVersion="200" Compressed="yes" InstallScope="perMachine" />

        <MajorUpgrade DowngradeErrorMessage="A newer version of [ProductName] is already installed." />
        <MediaTemplate />

        <Feature Id="ProductFeature" Title="SetupProject1" Level="1">
            <ComponentGroupRef Id="ProductComponents" />
        </Feature>

    <Feature Id='TestUserProductFeature' Title='Test User Product Feature' Level='1'>
      <ComponentRef Id='TestUserProductComponent' />
    </Feature>

    <InstallExecuteSequence>
      <Custom Action='ConfigureUsers' Before='CreateFolders'/>
    </InstallExecuteSequence>
    </Product>

  <Fragment>
        <Directory Id="TARGETDIR" Name="SourceDir">
      <Component Id='TestUserProductComponent' Guid='652C2BE1-9DE7-47AD-A686-55ABAAF68B6F'>
        <util:User Id='TEST_USER1' Name='testName1' Password='pa$$$$word' CreateUser='yes' FailIfExists='yes'/>
      </Component>
            <Directory Id="ProgramFilesFolder">
        <Directory Id="INSTALLFOLDER" Name="SetupProject1" >
          <Directory Id="d_TestDirectory" Name="TestDirectory">
            <Component Id="CreateTestDirectory" Guid="8B7EB548-5767-7017-A56C-4EEBDDF7B621">
              <CreateFolder Directory="d_TestDirectory">
                <Permission User="testName1" GenericAll="yes" />
              </CreateFolder>
            </Component>
          </Directory>
        </Directory>
      </Directory>
        </Directory>    
    </Fragment>

    <Fragment>
        <ComponentGroup Id="ProductComponents" Directory="INSTALLFOLDER">           
      <ComponentRef Id="CreateTestDirectory"/>     
        </ComponentGroup>    
    </Fragment>
</Wix>

请注意我添加了

<Custom Action='ConfigureUsers' Before='CreateFolders'/>

在创建新文件夹之前创建用户。 另请注意我添加了

FailIfExists='yes'

for util：User，如果用户存在，它将失败。

当我使用日志记录运行我的msi时，我首先收到此消息： 应用安全设置时发生错误。 testName1不是虚拟用户或组。这可能是程序包的问题，​​或连接到网络上的域控制器的问题。检查网络连接并单击“重试”，或单击“取消”结束安装。

这意味着我的用户未创建。 然后我手动创建本地用户并按“重试”。

然后我收到此错误： 无法创建用户（-2147022672 testName1） 这意味着安装程序无法创建用户，因为它已经创建（FailIfExists =＆＃39; yes＆＃39;）

这是Orca的InstallExecuteSequence： FindRelatedProducts 25 LaunchConditions 100 ValidateProductID 700 CostInitialize 800 FileCost 900 CostFinalize 1000 MigrateFeatureStates 1200 InstallValidate 1400 RemoveExistingProducts 1401 InstallInitialize 1500 ProcessComponents 1600 UnpublishFeatures 1800 RemoveFolders 3600 ConfigureUsers 3699 CreateFolders 3700 RegisterUser 6000 RegisterProduct 6100 PublishFeatures 6300 PublishProduct 6400 InstallFinalize 6600

这是我的日志文件的一部分，其中包含操作记录：

Action start 0:02:47: RemoveFolders.
Action ended 0:02:47: RemoveFolders. Return value 1.
MSI (s) (D8:88) [00:02:47:389]: Doing action: ConfigureUsers
MSI (s) (D8:88) [00:02:47:389]: Note: 1: 2205 2:  3: ActionText 
Action start 0:02:47: ConfigureUsers.
MSI (s) (D8:28) [00:02:47:391]: Invoking remote custom action. DLL: C:\Windows\Installer\MSIDFFA.tmp, Entrypoint: ConfigureUsers
MSI (s) (D8:48) [00:02:47:391]: Generating random cookie.
MSI (s) (D8:48) [00:02:47:392]: Created Custom Action Server with PID 1440 (0x5A0).
MSI (s) (D8:E4) [00:02:47:409]: Running as a service.
MSI (s) (D8:E4) [00:02:47:410]: Hello, I'm your 32bit Impersonated custom action server.
MSI (s) (D8!30) [00:02:47:475]: PROPERTY CHANGE: Adding CreateUserRollback property. Its value is '**********'.
MSI (s) (D8!30) [00:02:47:476]: Doing action: CreateUserRollback
MSI (s) (D8!30) [00:02:47:476]: Note: 1: 2205 2:  3: ActionText 
Action start 0:02:47: CreateUserRollback.
Action ended 0:02:47: CreateUserRollback. Return value 1.
MSI (s) (D8!30) [00:02:47:477]: PROPERTY CHANGE: Adding CreateUser property. Its value is '**********'.
MSI (s) (D8!30) [00:02:47:478]: Doing action: CreateUser
MSI (s) (D8!30) [00:02:47:478]: Note: 1: 2205 2:  3: ActionText 
Action start 0:02:47: CreateUser.
Action ended 0:02:47: CreateUser. Return value 1.
Action ended 0:02:47: ConfigureUsers. Return value 1.
MSI (s) (D8:88) [00:02:47:481]: Doing action: CreateFolders
MSI (s) (D8:88) [00:02:47:481]: Note: 1: 2205 2:  3: ActionText 
Action start 0:02:47: CreateFolders.
MSI (s) (D8:88) [00:02:47:481]: Note: 1: 1609 2: testName1 3: 1332 
MSI (c) (B4:B8) [00:02:47:483]: Font created.  Charset: Req=0, Ret=0, Font: Req=MS Shell Dlg, Ret=MS Shell Dlg

Error 1609. An error occurred while applying security settings. testName1 is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332
MSI (s) (D8:88) [00:03:14:513]: 
MSI (s) (D8:88) [00:03:14:513]: Note: 1: 1609 2: testName1 3: 1332 
MSI (c) (B4:B8) [00:03:14:515]: Font created.  Charset: Req=0, Ret=0, Font: Req=MS Shell Dlg, Ret=MS Shell Dlg

Error 1609. An error occurred while applying security settings. testName1 is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332
MSI (s) (D8:88) [00:03:31:485]: 
MSI (s) (D8:88) [00:03:31:486]: Finished allocating new user SID
MSI (s) (D8:88) [00:03:31:486]: Using well known SID for System
MSI (s) (D8:88) [00:03:31:486]: Finished allocating new user SID
Action ended 0:03:31: CreateFolders. Return value 1.
MSI (s) (D8:88) [00:03:31:486]: Doing action: RegisterUser
MSI (s) (D8:88) [00:03:31:486]: Note: 1: 2205 2:  3: ActionText 
Action start 0:03:31: RegisterUser.
Action ended 0:03:31: RegisterUser. Return value 1.
MSI (s) (D8:88) [00:03:31:487]: Doing action: RegisterProduct
MSI (s) (D8:88) [00:03:31:487]: Note: 1: 2205 2:  3: ActionText 
Action start 0:03:31: RegisterProduct.
MSI (s) (D8:88) [00:03:31:487]: Note: 1: 2262 2: Media 3: -2147287038 
MSI (s) (D8:88) [00:03:31:488]: PROPERTY CHANGE: Adding ProductToBeRegistered property. Its value is '1'.
Action ended 0:03:31: RegisterProduct. Return value 1.
MSI (s) (D8:88) [00:03:31:488]: Doing action: PublishFeatures
MSI (s) (D8:88) [00:03:31:488]: Note: 1: 2205 2:  3: ActionText 
Action start 0:03:31: PublishFeatures.
Action ended 0:03:31: PublishFeatures. Return value 1.
MSI (s) (D8:88) [00:03:31:489]: Doing action: PublishProduct
MSI (s) (D8:88) [00:03:31:489]: Note: 1: 2205 2:  3: ActionText 
Action start 0:03:31: PublishProduct.
MSI (s) (D8:88) [00:03:31:490]: Note: 1: 2205 2:  3: Icon 
MSI (s) (D8:88) [00:03:31:490]: Note: 1: 2228 2:  3: Icon 4: SELECT `Name`, `Data` FROM `Icon` 
MSI (s) (D8:88) [00:03:31:490]: Note: 1: 2262 2: Media 3: -2147287038 
Action ended 0:03:31: PublishProduct. Return value 1.
MSI (s) (D8:88) [00:03:31:490]: Doing action: InstallFinalize
MSI (s) (D8:88) [00:03:31:490]: Note: 1: 2205 2:  3: ActionText 
Action start 0:03:31: InstallFinalize.
MSI (s) (D8:88) [00:03:31:491]: Running Script: C:\Windows\Installer\MSIDFE9.tmp
MSI (s) (D8:88) [00:03:31:491]: PROPERTY CHANGE: Adding UpdateStarted property. Its value is '1'.
MSI (s) (D8:88) [00:03:31:491]: Machine policy value 'DisableRollback' is 0
MSI (s) (D8:88) [00:03:31:493]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2 
MSI (s) (D8:88) [00:03:31:494]: Executing op: Header(Signature=1397708873,Version=500,Timestamp=1216610392,LangId=1033,Platform=0,ScriptType=1,ScriptMajorVersion=21,ScriptMinorVersion=4,ScriptAttributes=1)
MSI (s) (D8:88) [00:03:31:494]: Executing op: ProductInfo(ProductKey={718267EA-D291-4ED2-8BA6-F3B872BEA874},ProductName=SetupProject1,PackageName=SetupProject1.msi,Language=1033,Version=16777216,Assignment=1,ObsoleteArg=0,,,PackageCode={413012CF-A56C-4342-9DE3-50774CA5DD67},,,InstanceType=0,LUASetting=0,RemoteURTInstalls=0,ProductDeploymentFlags=2)
MSI (s) (D8:88) [00:03:31:494]: Executing op: DialogInfo(Type=0,Argument=1033)
MSI (s) (D8:88) [00:03:31:494]: Executing op: DialogInfo(Type=1,Argument=SetupProject1)
MSI (s) (D8:88) [00:03:31:495]: Executing op: RollbackInfo(,RollbackAction=Rollback,RollbackDescription=Rolling back action:,RollbackTemplate=[1],CleanupAction=RollbackCleanup,CleanupDescription=Removing backup files,CleanupTemplate=File: [1])
MSI (s) (D8:88) [00:03:31:495]: Executing op: SetBaseline(Baseline=0,)
MSI (s) (D8:88) [00:03:31:495]: Executing op: SetBaseline(Baseline=1,)
MSI (s) (D8:88) [00:03:31:495]: Executing op: ActionStart(Name=ProcessComponents,Description=Updating component registration,)
MSI (s) (D8:88) [00:03:31:495]: Executing op: ProgressTotal(Total=2,Type=1,ByteEquivalent=24000)
MSI (s) (D8:88) [00:03:31:495]: Executing op: ComponentRegister(ComponentId={652C2BE1-9DE7-47AD-A686-55ABAAF68B6F},KeyPath=C:\,State=3,,Disk=1,SharedDllRefCount=0,BinaryType=0)
MSI (s) (D8:88) [00:03:31:496]: Executing op: ComponentRegister(ComponentId={8B7EB548-5767-7017-A56C-4EEBDDF7B621},KeyPath=C:\Program Files (x86)\SetupProject1\TestDirectory\,State=3,,Disk=1,SharedDllRefCount=0,BinaryType=0)
MSI (s) (D8:88) [00:03:31:496]: Executing op: ActionStart(Name=CreateUserRollback,,)
MSI (s) (D8:88) [00:03:31:496]: Executing op: CustomActionSchedule(Action=CreateUserRollback,ActionType=11521,Source=BinaryData,Target=**********,CustomActionData=**********)
MSI (s) (D8:88) [00:03:31:497]: Executing op: ActionStart(Name=CreateUser,,)
MSI (s) (D8:88) [00:03:31:497]: Executing op: CustomActionSchedule(Action=CreateUser,ActionType=11265,Source=BinaryData,Target=**********,CustomActionData=**********)
MSI (s) (D8:64) [00:03:31:498]: Invoking remote custom action. DLL: C:\Windows\Installer\MSI8C49.tmp, Entrypoint: CreateUser
MSI (s) (D8:48) [00:03:31:498]: Generating random cookie.
MSI (s) (D8:48) [00:03:31:499]: Created Custom Action Server with PID 2476 (0x9AC).
MSI (s) (D8:E4) [00:03:31:517]: Running as a service.
MSI (s) (D8:E4) [00:03:31:517]: Hello, I'm your 32bit Elevated custom action server.
CreateUser:  Error 0x800708b0: failed to create user: testName1
MSI (c) (B4:B8) [00:03:31:600]: Font created.  Charset: Req=0, Ret=0, Font: Req=MS Shell Dlg, Ret=MS Shell Dlg

Error 26401. Failed to create user.  (-2147022672   testName1      )
MSI (s) (D8!58) [00:04:07:562]: Product: SetupProject1 -- Error 26401. Failed to create user.  (-2147022672   testName1      )

CustomAction CreateUser returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)
Action ended 0:04:07: InstallFinalize. Return value 3.
MSI (s) (D8:88) [00:04:07:566]: User policy value 'DisableRollback' is 0
MSI (s) (D8:88) [00:04:07:566]: Machine policy value 'DisableRollback' is 0
MSI (s) (D8:88) [00:04:07:567]: Executing op: Header(Signature=1397708873,Version=500,Timestamp=1216610416,LangId=1033,Platform=0,ScriptType=2,ScriptMajorVersion=21,ScriptMinorVersion=4,ScriptAttributes=1)
MSI (s) (D8:88) [00:04:07:567]: Executing op: DialogInfo(Type=0,Argument=1033)
MSI (s) (D8:88) [00:04:07:567]: Executing op: DialogInfo(Type=1,Argument=SetupProject1)
MSI (s) (D8:88) [00:04:07:568]: Executing op: RollbackInfo(,RollbackAction=Rollback,RollbackDescription=Rolling back action:,RollbackTemplate=[1],CleanupAction=RollbackCleanup,CleanupDescription=Removing backup files,CleanupTemplate=File: [1])
MSI (s) (D8:88) [00:04:07:569]: Executing op: ActionStart(Name=CreateUser,,)
MSI (s) (D8:88) [00:04:07:569]: Executing op: ProductInfo(ProductKey={718267EA-D291-4ED2-8BA6-F3B872BEA874},ProductName=SetupProject1,PackageName=SetupProject1.msi,Language=1033,Version=16777216,Assignment=1,ObsoleteArg=0,,,PackageCode={413012CF-A56C-4342-9DE3-50774CA5DD67},,,InstanceType=0,LUASetting=0,RemoteURTInstalls=0,ProductDeploymentFlags=2)
MSI (s) (D8:88) [00:04:07:569]: Executing op: ActionStart(Name=CreateUserRollback,,)
MSI (s) (D8:88) [00:04:07:569]: Executing op: CustomActionRollback(Action=CreateUserRollback,ActionType=11521,Source=BinaryData,Target=**********,CustomActionData=**********)
MSI (s) (D8:C8) [00:04:07:571]: Invoking remote custom action. DLL: C:\Windows\Installer\MSI1929.tmp, Entrypoint: RemoveUser
MSI (s) (D8:88) [00:04:07:950]: Executing op: ActionStart(Name=ProcessComponents,Description=Updating component registration,)
MSI (s) (D8:88) [00:04:07:950]: Executing op: ComponentUnregister(ComponentId={8B7EB548-5767-7017-A56C-4EEBDDF7B621},ProductKey={718267EA-D291-4ED2-8BA6-F3B872BEA874},BinaryType=0,)
MSI (s) (D8:88) [00:04:07:950]: Executing op: ComponentUnregister(ComponentId={652C2BE1-9DE7-47AD-A686-55ABAAF68B6F},ProductKey={718267EA-D291-4ED2-8BA6-F3B872BEA874},BinaryType=0,)
MSI (s) (D8:88) [00:04:07:950]: Executing op: End(Checksum=0,ProgressTotalHDWord=0,ProgressTotalLDWord=0)
MSI (s) (D8:88) [00:04:07:950]: Error in rollback skipped.  Return: 5
MSI (s) (D8:88) [00:04:07:953]: Note: 1: 2318 2:  
MSI (s) (D8:88) [00:04:07:953]: Calling SRSetRestorePoint API. dwRestorePtType: 13, dwEventType: 103, llSequenceNumber: 38, szDescription: "".
MSI (s) (D8:88) [00:04:07:954]: The call to SRSetRestorePoint API succeeded. Returned status: 0.
MSI (s) (D8:88) [00:04:07:954]: Unlocking Server
MSI (s) (D8:88) [00:04:08:135]: PROPERTY CHANGE: Deleting UpdateStarted property. Its current value is '1'.
Action ended 0:04:08: INSTALL. Return value 3.

因此，在InstallFinalize操作期间，似乎CreateUser实际上是从另一个临时dll作为提升（deffered）自定义操作运行的。 即使说CreateUsers在CreateFolders之前运行，它也只是计划提升自定义操作。

我的情景是否可以实现？有什么问题？

Answer 1

目前尚不清楚您对即时自定义操作做了什么 - 它们永远不会改变系统，因为无法撤消它们。需要延迟更改系统的所有自定义操作，以便它们a）使用回滚CA回滚并且b）运行提升，因为直接CA未升高。如果某些CA依赖其他CA，只需适当地订购它们。

CreateUser错误0x8007089a表示＆＃34;指定的用户名无效。＆＃34;。如果该跟踪代码显示＆＃34; vmtest \ user＆＃34;是正确的，也许这是不正确的。为什么反斜杠？是＆＃34;用户＆＃34;部分密码？此外，我不相信跟踪会显示密码，因此用户名可能是＆＃34; vmtest \ user＆＃34;并且反斜杠作为用户名的一部分无效。