Link to home
Start Free TrialLog in
Avatar of Llandr
Llandr

asked on

Deleting LockPermissions problem, need help (Network lockpermission problem)

I am having a problem with deleting rows from the LockPermissions table.

We are setting fullrights to EveryOne on one of our folders.
The user can select where the folder shoudl be.
If the user selects a network path then there is an error message.

I have tried to implement the following workaround:
Delete all rows from LockPermissions

<--- Code start --->
function DeleteRightsIfOnNetwork(hMSI)
NUMBER result;
HWND hDB, hViewlist, hResult,hRec;
begin
try
result=PathIsNetworkPath(TARGETDIR);
catch
endcatch;

if result!=0 then

// Is network drive
hDB = MsiGetActiveDatabase(hMSI);
//hResult=MsiDatabaseOpenView(hDB,"SELECT * FROM `LockPermissions` WHERE `User`='EveryOne'",hViewlist);
hResult=MsiDatabaseOpenView(hDB,"SELECT * FROM `LockPermissions`",hViewlist);
if hResult==ERROR_SUCCESS then
hResult=MsiViewExecute(hViewlist, NULL);
if hResult!=ERROR_SUCCESS then
MessageBox ("Error executing!!", INFORMATION);
endif;

while (MsiViewFetch(hViewlist, hRec) == ERROR_SUCCESS)
hResult = MsiViewModify(hViewlist, MSIMODIFY_VALIDATE_DELETE, hRec);
if (hResult!=ERROR_SUCCESS) then
MessageBox ("Error verifying!!", INFORMATION);
endif;


hResult = MsiViewModify(hViewlist, MSIMODIFY_DELETE, hRec);
if (hResult!=ERROR_SUCCESS) then
MessageBox ("Error deleting!!", INFORMATION);
endif;
endwhile;

else
if hResult==ERROR_BAD_QUERY_SYNTAX then
MessageBox ( "Bad Syntax!!", INFORMATION);
endif;
//
endif;
//MsiDatabaseOpenView(
endif;
end;
<--- Code end--->

And there are no errors when executing this.

The error is now replaced with a new error message:

"An error occurred while applying security settings.
Windows\ is not a valid user or group. This could be a problem with the package,
or a proble connecting to a domain controller on the network."

I feel like I am close to a solution, does anyone have any input to offer?
Avatar of Vadim Rapp
Vadim Rapp
Flag of United States of America image

what does the log say? what action fails?
Avatar of Llandr
Llandr

ASKER

It is CreateFolders that fails.
I have amde an extract from the log file, unfortunately some parts are localized to Swedish.
But I dont think it is the important things that are in Swedish,

<--- MSI log exctract --->
MSI (s) (F0:8C) [15:45:40:000]: Doing action: CreateFolders
Åtgärden startade 15:45:40: CreateFolders.
MSI (s) (F0:8C) [15:45:40:000]: Note: 1: 2205 2:  3: SidCache
MSI (s) (F0:8C) [15:45:40:000]: Using well known SID for System
MSI (s) (F0:8C) [15:45:40:000]: Finished allocating new user SID
MSI (s) (F0:8C) [15:45:55:031]: Note: 1: 1609 2: Windows\ 3: 1789
MSI (s) (F0:8C) [15:45:59:781]:
MSI (s) (F0:8C) [15:45:59:781]: Note: 1: 3
Åtgärden avslutades 15:45:59: CreateFolders. Returvärdet 2.
MSI (s) (F0:8C) [15:45:59:781]: Machine policy value 'DisableRollback' is 0
MSI (s) (F0:8C) [15:45:59:781]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2
MSI (s) (F0:8C) [15:45:59:812]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2
MSI (s) (F0:8C) [15:45:59:828]: No System Restore sequence number for this installation.
MSI (s) (F0:8C) [15:45:59:828]: Unlocking Server
Åtgärden avslutades 15:45:59: INSTALL. Returvärdet 2.
MSI (s) (F0:8C) [15:45:59:828]: MainEngineThread is returning 1602
MSI (s) (F0:78) [15:45:59:937]: Destroying RemoteAPI object.
MSI (s) (F0:34) [15:45:59:937]: Custom Action Manager thread ending.
MSI (c) (54:60) [15:45:59:937]: Back from server. Return value: 1602
MSI (c) (54:60) [15:45:59:937]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied.  Counter after decrement: -1
MSI (c) (54:60) [15:45:59:937]: PROPERTY CHANGE: Deleting SECONDSEQUENCE property. Its current value is '1'.
Åtgärden avslutades 15:45:59: ExecuteAction. Returvärdet 2.
Wouldn't it be easier to set permissions by custom action, running conditionally depending on result of PathIsNetworkPath.
Avatar of Llandr

ASKER

vadimrapp1:Wouldn't it be easier to set permissions by custom action, running conditionally depending on result of PathIsNetworkPath.

Yes that would also work, how do I do that?
ASKER CERTIFIED SOLUTION
Avatar of Vadim Rapp
Vadim Rapp
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Llandr

ASKER

CACLS solves the problem but doesnt answer the original question.
I will award the points.
If the original question was why the initial solution did not work - I'd say, hacking the package in the midst of working with it most likely has unpredictable consequences. You can never reliably assume what was already read and what was not, so it's possible that the table you edited was already read, then you changed it, then it was re-read... quite a mess that Installer did not expect.