Minimizing the Number of User Account Control Prompts During Installation

InstallShield 2012 Spring

Project: This information applies to the following project types:

Basic MSI
InstallScript
InstallScript MSI

Some of the specific details apply to only some of these project types. These differences are noted where appropriate.

One of the goals of Windows Vista and later, as well as User Account Control (UAC), is to allow users to run as standard users all of the time. Elevation should rarely be required; if it does occur, it should occur for as short of a duration as possible.

Several different areas of InstallShield affect whether an installation triggers UAC consent or credential prompts for elevated privileges. Understanding these different settings will help you create the appropriate UAC experience for your installation when end users run it on Windows Vista and later systems. It will also offer guidance if you are trying to minimize the number of UAC prompts that are displayed during your installation.

Depending on how it is configured, an installation that includes InstallShield prerequisites may prompt for elevated privileges on Windows Vista and later systems at several different points during the installation:

1. When the end user launches the Setup.exe file
2. When the Setup.exe file launches a setup prerequisite that requires elevated privileges
3. When the ISInstallPrerequisites custom action relaunches the Setup.exe file in feature prerequisite installation mode because one or more of the features being installed has an associated feature prerequisite

Note that the ISInstallPrerequisites custom action does not verify whether any feature prerequisites require elevated privileges before the prompt for elevated privileges is displayed. In addition, the ISInstallPrerequisites custom action does not check the conditions on any of the feature prerequisites to determine whether the feature prerequisites need to be installed. The prompt for elevated privileges is always displayed.

Project: Basic MSI projects include support for feature prerequisites.

4. When the Windows Installer begins the Execute sequence of the .msi package

Project: This last installation point applies to Basic MSI and InstallScript MSI projects, but not InstallScript projects.

UAC-Related Settings in InstallShield

Following is a list of the InstallShield settings that help determine whether UAC prompts are displayed during an installation on Windows Vista and later systems:

Required Execution Level—Use this setting in the Releases view to specify the minimum execution level required by your installation's Setup.exe file. InstallShield uses the value that you select (Administrator, Highest available, or Invoker) in the application manifest that it embeds in the Setup.exe launcher. For more information, see Specifying the Required Execution Level for Your Setup Launcher on Windows Vista and Later Platforms.
The prerequisite requires administrative privileges—If you are creating or modifying an InstallShield prerequisite for your installation, use this check box to indicate whether administrative privileges are required in order to install this prerequisite. This check box is on the Behavior tab in the InstallShield Prerequisite Editor. For more information, see Specifying that an InstallShield Prerequisite Requires Administrative Privileges.
Require Administrative Privileges—Use this setting in the General Information view to specify whether the Execute sequence of your installation's .msi package requires administrative privileges. If you set this to No, InstallShield sets bit 3 in the Word Count Summary property to indicate that elevated privileges are not required to install your product. For more information, see Entering Summary Information Stream Data.

Project: The Require Administrative Privileges setting does not apply to InstallScript projects.

Advertise If Prerequisites Are Elevated—Use this setting in the Releases view to specify whether the .msi package should be advertised—and if so, whether it should be run silently or with the full user interface (UI)—after the InstallShield prerequisites in the installation have been successfully installed with elevated privileges on Windows Vista and later machines. The advertisement may allow end users to avoid the UAC prompt that would otherwise be displayed for an .msi package that requires elevated privileges. For more information, see Specifying Whether a Product Should Be Advertised If Its InstallShield Prerequisites Are Run with Elevated Privileges.

Project: The Advertise If Prerequisites Are Elevated setting does not apply to InstallScript projects.

In addition, the type of InstallShield prerequisite—either setup prerequisite or feature prerequisite—may affect whether UAC prompts are displayed during an installation on Windows Vista and later systems. To learn more about these two types of InstallShield prerequisites, see Setup Prerequisites vs. Feature Prerequisites.

Note the following UAC-related behavior on Windows Vista and later:

If Required Execution Level is set to Invoker, any InstallShield prerequisites in your installation do not require administrative privileges, and Require Administrative Privileges is set to No, end users should see no UAC prompts during installation.
If Required Execution Level is set to Invoker, your installation includes setup prerequisites that require administrative privileges, and Require Administrative Privileges is set to No, end users should see one UAC prompt—plus up to one additional UAC prompt for each reboot—during installation.
If the full user interface of the setup launcher is displayed and the installation includes setup prerequisites that need to be installed, the setup launcher typically displays the setup prerequisite dialog before the main installation starts. If one or more of the setup prerequisites that need to be installed require administrative privileges, the Install button on the message box has the shield icon to alert the end user that elevated privileges are required.
If the installation is continuing after a reboot and privileges must be elevated, the OK button of the continuation message box has the shield icon. If privileges do not need to be elevated, the shield button is not displayed.
If your installation includes more than one setup prerequisite that must be installed on a target machine and one or more of those setup prerequisites requires administrative privileges, the UAC prompt is displayed before the first setup prerequisite is installed. This may allow elevated privileges to be used for all prerequisites without requiring separate UAC prompts for each prerequisite installation. Note, however, that if a setup prerequisite installation causes a reboot, administrative privileges are lost, and a UAC prompt may be displayed if any of the remaining prerequisites require administrative privileges.

A slightly different behavior applies to feature prerequisites. If your installation is going to install any features that are associated with prerequisites, the UAC prompt is displayed when the ISInstallPrerequisites custom action relaunches Setup.exe in feature prerequisite installation mode. This occurs regardless of whether any of the feature prerequisites require elevated privileges. It also occurs before any of the feature prerequisites' conditions are evaluated to determine whether the feature prerequisites need to be installed. Note that if a feature prerequisite installation causes a reboot, administrative privileges are lost. After the reboot, the ReadyToInstall dialog is displayed again, and the end user needs to click the Install button to proceed with the rest of the installation. In this case, the UAC prompt is displayed again when the ISInstallPrerequisites custom action relaunches Setup.exe in feature prerequisite installation mode.

Note that if Require Administrative Privileges is set to No but your .msi package tries to perform a task for which it does not have adequate privileges, Windows Installer may display a run-time error.
If privileges are elevated at the end of an installation and the SetupCompleteSuccess dialog launches the product, elevated privileges are carried over to your product. In most cases, running an application with elevated privileges is discouraged.

Sample Scenarios

The following sections contain examples that illustrate different combinations of values for the aforementioned settings in InstallShield. The diagrams show when Windows Vista and later request elevated privileges for standard users or administrative users who have limited privileges. The examples are based on the default UAC settings on Windows Vista and later systems.

Example 1: UAC Prompt Is Displayed for a Prerequisite that Requires Administrative Privileges; .msi File Is Advertised

The example 1 diagram shows an installation that requires elevation for a setup prerequisite, a feature prerequisite, and for the Execute sequence of the .msi package. Windows Vista and later display one UAC prompt for the setup prerequisite, and another one for the feature prerequisite.

If the feature prerequisite was not included or if it was a setup prerequisite instead of a feature prerequisite, the second UAC prompt (which is labeled as UAC prompt #2 in the diagram) would not be displayed. In these cases, UAC prompt #2 would not be needed because the .msi package is successfully advertised after the setup prerequisite is installed with elevated privileges.

Example 1—Diagram of an Installation that Has Invoker as the Required Execution Level and that Advertises the .msi Package

Example 2: UAC Prompt Is Displayed for Setup.exe and After a Reboot for a Prerequisite that Requires Administrative Privileges

The example 2 diagram shows an installation that requires elevation for Setup.exe, two setup prerequisites, a feature prerequisite, and the Execute sequence of the .msi package. Because the Setup.exe file has a manifest that specifies Administrator as the required execution level, elevated privileges are used for each part of the installation. The second UAC prompt is displayed because elevated privileges are lost during a reboot.

Example 2—Diagram of an Installation that Has Administrator as the Required Execution Level

See Also