This is my third post in my WiX and DTF series for WiX 3.0. Here are some others I’ve written:

• An introduction
• Using WiX to author MSI installations
• Using a Custom Action to list available web sites on IIS

Normally bootstrappers are used for adding prerequisites to your installation; like the .Net Framework, Windows Installer etc. You can also use it for other purposes though. Basically it's an exe file with the msi (and any other installers) embedded. For the WiX series I'm currently doing we need this because:

1. Use as workaround for the WiX bug in IIS extension where the installer fails because of missing privileges on Vista SP1.
2. We want to do IIS custom actions in InstallUISequence which require elevated privileges which I will cover in a later post (hopefully very soon!).

I briefly mentioned InstallUISequence above. Windows Installer have several sequences, for details you can check them out here, but I'm just going to shortly explain two of them now. The InstallUISequence is the wizard part in the installer, InstallExecuteSequence is where things are happening and files are getting installed (when you click "Install" in the wizard).

Here's a bit of background. In Vista msi files does not run elevated (as admin) when you start them directly (double click on the msi). To do that you need to open an elevated command prompt and run the msi with msiexec /i yourInstaller.msi. That's not a good solution.

Normally there should be no need for admin privileges in UISequence (it's a reason it's not permitted per default), but there are exceptions, like the above. At least from my perspective. If you have a better way of solving this, I'm very interested.

So, with a bootstrapper or exe file you can do a bit more. For instance you can use mt.exe to add a manifest to he exe defining which privileges it requires to run. In this article I will describe how you can accomplish this using WiX and .Net.

Here's how to go about it:

1. Copy Setup.exe found in the WiX bin folder to your project location (so we don't modify the original)
2. Create a manifest file (e.g. Vista.manifest) in your favorite text editor by adding this xml:
   

   <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
   <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
     <assemblyIdentity version="1.0.0.0" processorArchitecture="X86" name="Setup" type="win32" />
     <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
       <security>
         <requestedPrivileges>
           <requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
         </requestedPrivileges>
       </security>
     </trustInfo>
   </assembly>

3. Add the manifest to Setup.exe by using mt.exe found in the .Net SDK:

   mt.exe -manifest [pathToYourProject\]Vista.manifest -outputresource:[pathToYourProject\]Setup.exe;#1

4. Use setupbld.exe found in the WiX bin folder to embed the msi installer into a exe like this:

   setupbld.exe" -out Setup.exe -msu MyMsi.msi -setup Setup.exe

   or even better, add it as a post-build event (Right click your project -> Properties -> Build Event -> Post-build Event Command Line):

   "C:\Program Files\Windows Installer XML v3\bin\setupbld.exe" -out $(TargetDir)Setup.exe -msu "$(TargetPath)" -setup "$(ProjectDir)setup.exe"

The interesting thing to note about the manifest file is this:

<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />

When setting the level to requireAdministrator Vista will show a UAC prompt when executing this file. The default level is asInvoker, which will run the exe with the current users privileges, but then the exe would have the same behavior as the msi.

Also note the assemblyIdentity node where you can set the actual version number of your installer and the name (if you use something else than Setup.exe).

I've updated my DasBlog to version 2.2.8252.15582 and it has OpenID support! If you have an OpenID you can now use that for posting comments to my blog. I'm not taking the same stand as Aaron Hockley though, refusing to comment on blogs without OpenID support (at least not yet...).

So why use OpenID except from identifying yourself on my blog? The number one reason as I see it is that you have one ID to identify yourself across multiple web sites. This will remove the need for "forgot your password?" links, your favorite pet etc. Also that you rely on one provider for your id that you trust (hopefully) and don't have to "give away" passwords, which you probably only have a few of, using them on all the different accounts you're creating around the Internet.

When you sign into a site using OpenID you get redirected to your provider for authentication. Here you can choose how much information you want to submit about yourself to the site you're logging on to. E.g. you may chose to send no information at all, just your name or email etc.

If you want to know more about OpenID and how it works, check out openid.net. Scott Hanselman has a Weekly Source Code edition of OpenID and also a podcast.

Don't have OpenID? I use myOpenId.com where I've also added my domain (torresdal.net), allowing me to use that instead of [myname].myopenid.com. My id is jon.torresdal.net. Another popular way of using your ID is to map it to your web site. Below is an example from my web site using myopenid.com:

    <link rel="openid.server" href="http://www.myopenid.com/server" />
    <link rel="openid.delegate" href="http://torresdal.myopenid.com/" />
    <link rel="openid2.local_id" href="http://torresdal.myopenid.com" />
    <link rel="openid2.provider" href="http://www.myopenid.com/server" />
    <meta http-equiv="X-XRDS-Location" 
          content="http://www.myopenid.com/xrds?username=torresdal" />

This way I can use blog.torresdal.net as my id. However, one side effect of this is that many blog engines use the name before the dot as your name. If I use my blog url as identifier on e.g. a blog hosted by blogger.com, the comment will say "blog said...", which is not very helpful.

I mentioned myopenid.com, but there are several other suppliers out there. Just Google openid and you'll find many.

PS! All comments to this blog post is expected to use OpenId!