Solved

How to force all software to install from C:\Temp or C:\windows\temp?

Posted on 2016-08-04
16
80 Views
Last Modified: 2016-09-04
Quick question: Is there a means to force a software package to extract itself and install from someplace *other* than C:\users\user_profile\AppData\Local or C:\users\user_profile\AppData\Local\temp. In our environment there are issues *cough* McAfee HBSS *cough* which is making installation difficult because it's decided that software must install from anyplace from there. We cannot resolve that issue so I'm looking at a long-term solution. Any thoughts?
0
Comment
Question by:Chris Perry
  • 6
  • 5
  • 2
  • +2
16 Comments
 
LVL 90

Expert Comment

by:John Hurst
ID: 41743328
The temporary location is chosen by the installer and varies all over the place. You would have to change all these installers and you don't have access to them (90% of them).

No issue with Symantec Endpoint Protection.

Easier to change McAfee than all those installers. Also you have bigger fish to fry, so trying to fit everyone to McAfee strikes me as a waste of your time.
0
 
LVL 12

Expert Comment

by:Dustin Saunders
ID: 41743333
Second that.  We treat McAfee like poison.

I've been a big fan of WebRoot and its low footprint/ease of enterprise management.
0
 

Author Comment

by:Chris Perry
ID: 41743344
I totally agree, I totally agree. I'm just in a situation where A) McAfee won't/can't be adjusted or 'fixed' within a reasonable time frame (separate group, don't have rights), B) McAfee can't be disabled (same reason) and C) there's more than a few software requests which cannot be fulfilled due to this unexpected...'feature'. As with some of my prior questions, I'm providing due diligence and throwing a 'Hail Mary' pass in case there's a solution that I'm too tunnel-minded to have seen up until now.

At this point, I'm left with suggesting the reimage-and-install before joining to the domain (wherein McAfee digs in) or reworking some critical packages. I've read where WinZip or 7Zip can override the default Temp folder location, I'd just have to extract the software contents and rewrap from there. if that were to work.
0
 
LVL 90

Expert Comment

by:John Hurst
ID: 41743350
I thought you were talking about all software.

You can easily make WinZip install where you want - I use C:\temp but you can default to others.

7-Zip wants to go to the folder where the file is, but I change that on the fly. However if 7-Zip has an install to do (Symantec Endpoint uses 7-ZIp) the install will go where the installer says. Symantec goes to the Appdata folders.
0
 
LVL 12

Expert Comment

by:Dustin Saunders
ID: 41743351
If it's something like an MSI that extracts itself, you could pull it open and try running the exe from somewhere else.  Anything else it too hacky to recommend to someone else! (like changing environment variables to fool the installer to extract somewhere else)
0
 

Author Comment

by:Chris Perry
ID: 41743363
Heh, if I could change it for all I would. Since it isn't possible it would be on an app-by-app basis---iiif I had to go that route. (Had to do it with some software that vendors didn't do a good enough job of packaging.

Technically, Dustin, if one has the venerable Orca program one could change an MSI file's Temp default. Hacky, yes, but I agree. In any event there's too much software to support. Guess I can hang on till someone fixes something.
0
 
LVL 90

Expert Comment

by:John Hurst
ID: 41743366
Have you contacted McAfee Support? I / we just do not have this issue across hundreds of machines
0
 
LVL 87

Assisted Solution

by:rindi
rindi earned 250 total points
ID: 41743391
You could change the temp variable of the user to point to C:\windows\Temp rather than the temp folder of the user.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:Chris Perry
ID: 41743463
We tried that, unfortunately it didn't work. And that's because the software installers are set to override the default Temp directory location. They're installing within the local user's profile (C:\users\user_profile\AppData\Local ) which is normally not a 'bad' thing except these days it is.
0
 
LVL 1

Accepted Solution

by:
P. Sisk earned 250 total points
ID: 41744965
How about creating a symbolic link like this at the start of each user session:

mklink /d C:\Users\USERNAME\AppData\Local C:\temp

That should effectively reroute all writes and reads normally going to Appdata\Local to C:\Temp.

Hope this helps.
1
 

Author Comment

by:Chris Perry
ID: 41747999
It's a no-can-do/not-allowed BS situation, unfortunately. It would work but create other 'securitah' problems and get us in deep.

So now I'm pondering if there's another way to do so short of writing a new wrapper for each app. Some way to slide it in, 'pave the way' (so to speak) before the main software drops its load and begins to extract itself.
0
 
LVL 1

Expert Comment

by:P. Sisk
ID: 41748642
So it sounds like you're in a no win loop. When I ran software packaging at a large firm we would look at each app for viability to publish via Xenapp or valiant App-V BEFORE signing off on any package. Perhaps since App-V is a self contained package bubble  that may help you although this means having to repackage any misbehaving package to that. Xenapp published apps we turned around in a day or two so they were a lot quick but still have to do the work..
Apologies I'm just not seeing a clean solution for you in the short term.
0
 
LVL 90

Expert Comment

by:John Hurst
ID: 41748649
It appears McAfee is the issue. I do what you want to do without any issue.
0
 

Author Comment

by:Chris Perry
ID: 41760676
Yep, it's a craptacular situation. Can't not use McAfee, can't turn it off except on an individual basis and only by going through a separate group. Oh, and in some cases they can't unblock the machines to allow installation because they aren't showing up in the...ah well.

So I extract the offending software and sometimes I'm lucky, only needs a rewrap. Other times the vendor made things tougher.

And to clarify, it's now a McAfee/HBSS policy that's been set in place which is doing it. All for 'securitah'.
0
 
LVL 90

Expert Comment

by:John Hurst
ID: 41779660
@Chris Perry - you need to close or delete this question. You will have to decide that. Please close the question.
0
 

Author Closing Comment

by:Chris Perry
ID: 41783858
Changing default variable for Temp folder is a good idea unless vendor's software package specifically overrides whatever the stated default variable is. The symbolic link is a good idea, hasn't been implemented though I can see where it would be worthwhile (for admins doing installs, for example, since standard users shouldn't install anything.)

Almost half the situations are resolved by extracting the files from vendor wrapper and using that instead. The others, however, not so easy. In any event will make 'lemonade out of lemons', since Securitah will not back down. Thanks.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
This Micro Tutorial will teach you the basics of configuring your computer to improve its speed. It will also teach you how to disable programs that are running in the background simultaneously. This will be demonstrated using Windows 7 operating…
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now