index > ClickOnce and Setup & Deployment Projects > Custom code to control installation

Custom code to control installation

I have been tasked with making a conditionalinstaller. The requirement is that only our employees can perform a new installation on a workstation, but our customers cando updates. When there is an update the msi file with the update will be sent to the customer. The customer can run the msi on any workstation where the app is installed. On a fresh install, a password should be asked for; the install should exit if a valid password is not installed.

This is a console app in VS 2008.

Any way to do this in a deployment project?

CootCraig Friday, May 29, 2009 10:50 PM

>Yes, the custom UI interface should validate the password and optionally terminate the install. So this is complex but possible?

Yes, it's possible.

>Can you outline how to do this with a ClickOnce deployment?

1. Right click the project to enter the property page of the project.
2. Switch to the Publish tab, and click Publish Wizard. Go through the wizard step by step.
3. Create a Login form for the installation site, if the user passes the validation, he(she) will be redirected to the installation site.

When we publish the application, a static html named "publish.htm" will be generated which is the place you can install the application. We can protect this page as any pages, so in step 3, I mentioned to create a Login form page to control the access of the installation site.

But it's not easy to customize the setup User Interface when using ClickOnce. So is it OK to validate the password after the application is launched in your case? We can add code to validate the password before the user can use any functionalities of the application.

To learn more about ClickOnce, you can refer to the link I provided in my first post.

Best regards,
Bruce Zhou

Please mark the replies as answers if they help and unmark if they don't.

Proposed As Answer byBruce.ZhouMSFT, ModeratorMonday, June 15, 2009 10:36 AM
Marked As Answer byBruce.ZhouMSFT, ModeratorWednesday, June 17, 2009 1:55 AM

Bruce.Zhou Tuesday, June 02, 2009 12:54 PM

Hi CootCraig,

The problem here is which way you will use to distinguish the users and the employees. Here did you want to use password? If only your employees know the installation password and the customers don't know, then only the employees can perform a new installation.

As for the requirement to prompt a password input on a fresh install, we can add a registry search for the setup project which check if the product is installed on the machine. If it doesn't exist, we know this is a fresh install. If it does, we know this is an update.

Besides, we also need to add a Custom UI interface to let the user to input password and create a immediate custom action to validate the input password. Here I think it's a bit complexer if you are using setup to deploy your project.

In your scenario, I think it would be easy if we use ClickOnce technology to publish the application. ClickOnce can publish the application to a web server, and we can add form authentication to the website to control the access of the installation entry. In addition, we don't need to send the updates to the customer once there's an update. We can configure the update policy of the ClickOnce deployed application so that the application will check for update once it's launched.

In case you are insterested, here's the complete guide for deploying application using ClickOnce.

If I've misunderstood you or there's any problem, please feel free to let me know.

Best regards,
Bruce Zhou

Please mark the replies as answers if they help and unmark if they don't.

Bruce.Zhou Monday, June 01, 2009 5:10 AM

Hi CootCraig,

The problem here is which way you will use to distinguish the users and the employees. Here did you want to use password? If only your employees know the installation password and the customers don't know, then only the employees can perform a new installation.

Our employees will have a program that generates a password using the "machine name" and today's date. I have written a class that decodes the password and checks for "machine name" and the current date, the password is then valid only today for one workstation.

As for the requirement to prompt a password input on a fresh install, we can add a registry search for the setup project which check if the product is installed on the machine. If it doesn't exist, we know this is a fresh install. If it does, we know this is an update.

Good, there are 2 conditions to check: 1) already installed or not. 2) valid password entered or not

Besides, we also need to add a Custom UI interface to let the user to input password and create a immediate custom action to validate the input password. Here I think it's a bit complexer if you are using setup to deploy your project.

Yes, the custom UI interface should validate the password and optionally terminate the install. So this is complex but possible? I followed the link and I'm not sure I want to attempt this.

In your scenario, I think it would be easy if we use ClickOnce technology to publish the application. ClickOnce can publish the application to a web server, and we can add form authentication to the website to control the access of the installation entry. In addition, we don't need to send the updates to the customer once there's an update. We can configure the update policy of the ClickOnce deployed application so that the application will check for update once it's launched.

Can you outline how to do this with a ClickOnce deployment? I would consider this.

Thanks,
CootCraig

CootCraig Monday, June 01, 2009 3:29 PM