Blog

Wednesday, September 16, 2015

Fixing InstallShield's Visual C++ 2015 Runtime Preqrequisite

NOTE: InstallShield Professional 2015 SP1 has been released which addresses this issue.

At FireDaemon we’re using cutting-edge production tools like Visual Studio 2015 Professional and InstallShield Professional 2015.

A C++ program usually depends on the C/C++ runtime and the recommended way of deploying it along with your product is by utilising the Visual C++ Redistributable for Visual Studio 2015 from Microsoft.

In order to create a pleasant end-user experience we are integrating the runtime package into our Session 0 Viewer installer as a "prerequisite". These are simply installer conditions packaged as .prq file. You can create such prerequisites on your own by using Installshield’s Prerequisite Editor. InstallShield however already provides a lot of such prerequisites, as you can figure from the following screenshot:

InstallShield Redistributables

The prerequisite file for the Visual C++ 2015 runtime isn’t included yet in InstallShield Professional 2015, but one can download it from their saturn server where they upload all the prerequisite files: download for x86, download for x64.

When we tested our installers we discovered a problem with the 32-bit installation on a 64-bit machine: Session 0 Viewer 32-bit wouldn’t work at all when we installed it after having installed and removed Session 0 Viewer 64-bit. We noticed that the 32-bit runtime wouldn’t get installed!

After investigating the problem further it turned out that the prerequisite for the 32-bit runtime checks the following registry key by default to have a certain value:

HKLM\SOFTWARE\Wow6432Node
    \Microsoft\DevDiv\VC\Servicing\14.0\RuntimeMinimum\UpdateVersion


Unfortunately, this key is not only set by the 32-bit redistributable but also by the 64-bit redistributable:

InstallShield Prerequisites

The quick solution is simple: create your own prerequisite that doesn’t check for this specific registry value but where the DLL is explicitly present: %SystemRoot%\SysWOW64\vcruntime140.dll.

Since this is clearly an InstallShield issue we opened a support case and they confirmed the prerequisite needs to be updated. Good news! Here’s an excerpt of the communication with Flexera support:

“Hi Klaus,

I have an update from our engineering team regarding this case. They have updated the conditions on the C++ 2015 Prerequisite so that it is not incorrectly detected as installed when the x64 redistributable is installed. So the conditions will be correct when this prerequisite is released with InstallShield 2015 SP1. Thanks for reporting the issue.

Regards,

Flexera Software Support”


Klaus Triendl, Software Engineering Director @ FireDaemon Technologies Limited
Wednesday, August 13, 2014

Avoiding Session 0 Auto Logout with FireDaemon Pro and AutoIT

Check out the FireDaemon Session 0 Viewer. It supersedes the method of switching to an remaining on Session outlined below.

Session 0 is the default Windows session where interactive FireDaemon Pro services are run. You can use the Interactive Services Detection Service prompt or the FireDaemon Pro Switch To Session 0 button to switch to Session 0 from your currently logged in desktop.

 Avoiding Session 0 Auto Logout with FireDaemon Pro and AutoIT

FireDaemon Pro Switch To Session 0 Menu Icon

Irrespective of whether you are at your machine's physical console or you RDP into your server, Session 0 will automatically log you off if there is no mouse or keyboard activity seen after 60 seconds or so. To get around this you can use FireDaemon Pro in conjunction with AutoIT to inject synthetic mouse movements and mouse clicks into Session 0. Note that you cannot RDP directly into Session 0 nor return to Session 0 directly if your RDP session was closed. Note that this technique may work with Team Viewer and other similar remote control applications (but you will need to test them). So here's what you need to do:

  1. Download and install FireDaemon Pro
  2. Download and install AutoIT
  3. Create an AutoIT script in a text editor (eg. Notepad) and save the script in the folder of your choice (eg. C:\AIScripts). We have called the script: s0-keys.au3
    While (1)
    MouseMove(10,10);
    MouseClick("left");
    Sleep(30000);
    WEnd;
  4. This script is really simple. It moves the mouse to certain X and Y coordinates and clicks the left mouse button. The script then sleeps for 30 seconds and does it all over again. You can adjust these settings as you feel necessary but don't make the Sleep too low (eg. less than 10 seconds) as the script will run again rapidly and you might find you have lost control of your mouse!
  5. Now create the following FireDaemon Pro service copying the contents of the screen shot below. Install the service, then switch to Session 0 and you will find you are no longer automatically logged off Session 0!

    FireDaemon Pro Session 0 Synthetic Mouse Movement and Key Press Service Configuration



Tuesday, July 08, 2014

Starting Interactive FireDaemon Services In Session via Automatic Logon and Scheduled Tasks

This article provides an alternate method of starting Interactive Windows Services and detection under FireDaemon control in the currently logged in session. In our previous article we discussed how to do this using logon scripts. In this article we discuss how to automate your Windows login and run interactive services using Scheduled Tasks.

Step 1: Install FireDaemon Pro and Setup Your Services This is fairly straight forward:

  1. Download and install FireDaemon Pro
  2. Create your FireDaemon services. Ensure they are set to Manual Start and they are running as the LocalSystem account (ie. don't specify a user in your configuration). Check out our HOWTOs if you need a guidance setting up your app under FireDaemon control.

Step 2: Setup Automatic Login You now want to set automatic login for user you want to run your services as. To do this on Windows 7:

  1. Run netplwiz.exe
  2. Uncheck "Users must enter a username and password to use this computer" then click OK
  3. Supply the autologin username and password. If you want to use a domain user account see this article.
Step 3: Create a Schedule You now need to create a scheduled to auto elevate FireDaemon the starting of your services:
    1. Create a new Task (not a Basic Task) as follows:
    2. Run sched.exe (Windows 7) or taskschd.msc /s (Windows 8). Then in the
      • General Tab
        • Name: FireDaemonServices
        • Check: Run only when user is logged on
        • Check: Run with highest privileges
        • Check: Hidden
        • Configure for: Windows 7, Windows Server 2008 R2 (change this to suite your app and version of Windows)
      • Actions Tab (add an action for each service to be elevated - click the New button. Replace ServiceA with the actual short name of your service)
        • Action: Start a Program
        • Settings / Program/Script: "C:\Program Files\FireDaemon\firedaemon.exe"
        • Settings / Add Arguments:  --start ServiceA --in-session
      • Conditions Tab
        • Uncheck Start the task only if the computer is on AC power
      • Settings Tab
        • Uncheck Stop the task if it runs longer than
        • Uncheck If the running task does not end when request
        • If the task is already running, then the following rules applies: Run a new instance in parallel
    Step 4: Create a Shortcut Lastly, create a shortcut in the Startup Folder of the user in question that points to: C:\Windows\System32\schtasks.exe /run /tn "FireDaemonServices" And that's it - when you boot/reboot your machine your machine will auto login and run all your nominated FireDaemon services interactively. Should a service crash or be terminated accidentally then FireDaemon will restart you app in session.
    Thursday, May 15, 2014

    Starting Interactive FireDaemon Services In Session At Login Using Login Scripts

    Windows Vista or later implements Session 0 isolation. What this means is that services with a GUI component that would normally interact with the Desktop are not visible if you RDP into your server or login via the console. You will have to switch to Session 0 via the Interactive Services Detection Service popup. You can run Interactive FireDaemon Services on your RDP session though. There are some caveats:

    1. The FireDaemon service must be configured to run as the LocalSystem account. When the service runs In Session it will run under the logged in users credentials
    2. If you log off the service will be killed. FireDaemon will restart the service for you but back on Session 0.

    You can write a Windows logon script to run your services interactively. To do this:

    1. Create all the necessary FireDaemon services using the FireDaemon GUI
    2. Decide whether you want these services to be Manual start (ie. let the login script start them) or Automatic start (ie. they are started when Windows starts)
    3. Write the logon script batch file and place it somewhere logical on your C: drive
    4. Configure the logon script to run at logon via the Local Group Policy Editor.

    Here's an example logon script - it uses the "call" directive to avoid UAC and elevate appropriately. Remember the user you login as in this instance must have the necessary privileges (eg. be a member of the Administrators group) in order to run FireDaemon effectively. Use this script if your services are manual start (ie. your services are started In Session and killed and stopped when you logoff).

    call "C:\Program Files\FireDaemon\FireDaemon.exe" --start Mercury --in-session > Log.txt
    call "C:\Program Files\FireDaemon\FireDaemon.exe" --start Runtime --in-session >> Log.txt
    call "C:\Program Files\FireDaemon\FireDaemon.exe" --start Taskmgr --in-session >> Log.txt
    call "C:\Program Files\FireDaemon\FireDaemon.exe" --start LST_Server --in-session >> Log.txt

    Use this script if your services are set to automatic (ie. your services are restarted In Session and killed and restarted on Session if you logoff):

    call "C:\Program Files\FireDaemon\FireDaemon.exe" --restart Mercury --in-session > Log.txt
    call "C:\Program Files\FireDaemon\FireDaemon.exe" --restart Runtime --in-session >> Log.txt
    call "C:\Program Files\FireDaemon\FireDaemon.exe" --restart Taskmgr --in-session >> Log.txt
    call "C:\Program Files\FireDaemon\FireDaemon.exe" --restart LST_Server --in-session >> Log.txt

    For more information on the FireDaemon Command Line Interface and various command syntax please see this section in the manual.

    Friday, August 10, 2012

    Interactive Services Detection - Accessing Session 0 on demand via the command line

    Note that the FireDaemon Pro installer enables the UI0Detect service plus allows you to switch to the Session 0 desktop via the FireDaemon GUI or CLI.

    Also check out the FireDaemon Session 0 Viewer. It supersedes the method of switching to and remaining on Session 0 as outlined below.

    Windows Vista introduced us to the concept of Session 0 Isolation. This was in response to the need to isolate highly privileged service applications from malicious applications running in user space. These malicious applications would attempt to inject arbitrary code via into the service application via the application's message loop. These attacks are classified as shatter attacks. The net effect of this is that interactive Windows services are only available on Session o (or the Console session). When you log on to your Vista, 2008 or Windows 7 machine you now no longer login to Session 0 but into Session 1. Session 0 Isolation becomes problematic when attempting to run applications under FireDaemon as the interactive component (ie. the application's "visible" GUI) is no longer visible on the currently logged on session. Luckily Microsoft supplies the Interactive Services Detection Service on Windows Vista, 2008 and 7 to allow you access to Session 0 so you can interact with any interactive services (including FireDaemon ones) running on that session. Enabling the Interactive Service Detection Service (UI0Detect - that's UI "zero" Detect) is completed fastest at the command line. You will need to be an administrator to do this. Open an elevated command prompt and type:

    sc config ui0detect start= auto

    followed by

    sc start ui0detect

    Interactive Services Detection

    Once that is done you will notice the Interactive Services Detection popup in the Task Bar:

     

    This dialog can be annoying and is easily dismissed by clicking on Ask me later. The problem then arises on how to switch to the Session 0 desktop when the Interactive Services Detection popup is not present? There are two undocumented system calls available which allow you to switch to and from Session 0: WinStationSwitchToServicesSession and WinStationRevertFromServicesSession. These two system calls only work if the Interactive Services Detection service is running. To switch to Session 0 enter the following at a command prompt:

     rundll32 winsta.dll,WinStationSwitchToServicesSession

    Windows will switch desktop and you will find yourself on Session 0. You can then revert back to your logged in session by clicking on Return now or entering the following at a command prompt:

    rundll32 winsta.dll,WinStationRevertFromServicesSession



    Recent Posts



    Tags


    Archive

      Sign up for Product Updates and Discounts
      Captcha Image
      ×