Best Installation Standards for Desktop App?

We have software (exe and dlls) to install on user machines. We use InstallShield 2012 to distribute it. Each site has multiple users. Based on installation standards, where should we install our program?

We first installed to Program Files\[CompanyName]\[SoftwareName] but some site admins refused to install it because they didn't want to grant Admin rights to each user. Then we switched to C:\Users\[UserName]\[CompanyName] but other site admins refused to install it because they say it doesn't play well with Roaming Profiles, and want it back in Program Files.

InstallShield has the option to install "For Everyone" and "Only Me." To me, this seems the way to go, but management is concerned most users won't know which to select and/or they'll select the wrong one. Especially since when we roll out a new version, the new setup uninstalls the old version and installs the new one, at which point the user is prompted each time.

Most sites are small and have no admins. But some sites are large with admins holding tight reins, demanding we go one way or the other. As I've researched, I've not found a clear way to proceed.

My gut says we should offer "For Everyone" and "Only Me" options and roll with the punches, such as incorrect choices by the user/admins. But before I defy management, I need to know if I'm on the right track or if I'm missing an option.

Thoughts? Suggestions?
Who is Participating?
Frosty555Connect With a Mentor Commented:
- Programs are supposed to be installed to the C:\Program Files\xxxxx folder. On a 64-bit PC running a 32-bit application, it should be installed in the C:\Program Files (x86)\xxxxxx folder.

- Program settings and files which are global to the entire computer should be stored in the C:\ProgramData\xxxxxx folder. Your program is supposed to create this folder at install time, setting the ACLs as needed. There generally isn't a whole heck of a lot in here that the user is able to control, because general program settings are usually configured on a per user basis. Making changes to files in this folder typically requires admin access (after all, those changes would affect other users on the system)

- Program settings and files which are specific to the user should be stored in the user's Application Data folder, e.g.  C:\Users\mary\AppData\Roaming\xxxxxx folder for the user's roaming profile, or C:\Users\mary\AppData\Local\xxxxxx folder for the user's local profile, depending on whether you want the settings to move with the user or not.

- Program documents which are created, and are supposed to be accessible by the user and opened by having them doubleclick on the file, should be saved in the "My Documents" folder for that user, e.g. C:\Users\mary\Documents\xxxxx

There are specific ways to retrieve what these folders are by using the Win32 API or the .NET Framework. You shouldn't hard code the paths. See here:

You need administrative privileges to install a program on a computer. If users can't have admin privileges, they can't install a program, period.  You solve this problem in a Windows environment by deploying the software as an MSI through group policy, which makes it possible to install the program unattended on the computer. Alternatively, the program can be "published" to the computer, and it becomes available for install by going to Control Panel->Program And Features.

When a program offers the option to install "For Everyone" vs. "Just Me", the biggest difference between the two is when you install "For Everyone", the shortcuts are placed on the Public Desktop and the Public Start Menu, which is shared with all users on the system. This requires admin access to touch these locations on the computer. Installing for "Just Me" puts the shortcuts on the specific user's Desktop and Start Menu.

Your installer should produce an MSI file that offers both options, and when the product is deployed via group policy, it is configured in the policy whether it is installed "For Everyone", or published so individual users can install the program, in which case it would be installed for "Just Me".
jjsatherAuthor Commented:
Thank you so much for the response, which helps a lot.

However, you say programs supposed to be installed in "Program Files." In the past, I've read you should do that if you want to install per-machine. But if you want to install per-user, then you should install into the User's AppData folder. Is that correct? Wrong? Or simply debatable?
Frosty555Connect With a Mentor Commented:
I could be proven wrong by somebody else here... but I've never heard of programs being installed in the AppData folder.

I mean, sure it's a convenient place to put an application, since a program running as a non-administrator has access to that folder and it's out of sight from the user. But... it's intended to be for application DATA, not applications themselves.

A cursory glance at my own AppData folder shows there aren't any programs there. There are a handful of EXEs but they're mostly updaters, crash handlers, installers, basically temporary programs that were probably downloaded by actual installed applications.

Programs are only supposed to be installed by administrators - that's pretty much the whole point of having limited users is preventing them from installing unauthorized software on the machine.
jjsatherAuthor Commented:
All I know is if my InstallShield setup is to install to "Program Files", but if I include the option to select "Just Me", and choose it, all files end up in C:\Users\[UserName]\AppData\Local\Programs. Like you, I have no other entire programs there, but I always pick "For Everyone" when I install programs.

However, maybe I'm asking the wrong question and should back up...

Management wants the same Setup.exe to work for new users and to update existing users. So when users run our software, if there's a new version, they can download and run it. The setup completely uninstalls the old version and installs the new version. (Likewise, a new user can run the same file and get the new version.)

Is this bad practice? As a result, you can see why we install to the Users folder, since every user may not have admin privileges.
Frosty555Connect With a Mentor Commented:
I don't see anything wrong with having a single .EXE or .MSI which will both install a new version, and update the old one. Actually I think .MSI files do support this directly. And if you're using InstallShield, your Setup.exe is just a small wrapper for the MSI file.

The deviation from best practices here is when you say "if there's a new version, they [the user] can download and run it" - that's a task that a computer administrator is supposed to be doing, not a regular user.

If the users are expected to perform administrator tasks on their computers, like installing and updating programs, then they need administrator rights to their computer.

If management will not give their users administrative rights, then the users are not administrators! And it is therefore not their job to install a program or run a Setup.EXE on their workstation. An administrator can install the program, either manually, or automatically through the use of a group policy.

It's sort-of like saying "fly this plane!" and then in the same breath saying "But, you're not allowed in the cockpit", and then attempting to solve the problem by trying to extend just the flightstick into the passenger's seat  ;)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.