Jump to content

[How To] Repack Application w/ AdminStudio


Recommended Posts

Ok, so here's the guide that so many have asked me to write. It's not quite the secret recipe for Coke but I have had numerous requests for it. Understand this first before anything else: I am not an expert when it comes to InstallShield AdminStudio, 7-Zip, WinRAR, Resource Hacker, or the Microsoft Installer (.msi) technologies. Sure, I know enough to get by and to get accomplished what I set out to do, but a lot of times I know what to do because I experimented long enough to figure it out. This is not to be confused with my knowing how or why it all works, particularly the nitty gritty details. Sometimes I "just know" and you'll just have to take my word for it - or not, it's up to you.

This guide was written based on my experience with VMware Workstation and Installshield's AdminStudio Version 6. I am almost totally unfamiliar with VirtualPC and Wise Package Studio, but I'm sure you could translate a good portion of this guide to those products. You will notice a lack of screenshots. I'll try to get some put together and will edit the guide when I do.

I am going to try my best to include enough detail so that even a relative beginner can substantially benefit from this. On the one hand you will need to have at least some basic knowledge of what it is we do here at MSFN. If you have never heard of svcpack.inf or have no idea as to it's purpose then read no further. You need to go to the MSFN Unattended Install Guide and take in some of the basics. If you are of intermediate level, then there's the possibility you're going to be seeing a whole of stuff here that you've known for a while already.

First things first. You need to get everything setup and ready to start repackaging. The idea here is get everything setup in such a way that you spend as little time and effort as possible on the background chores, maximizing your efforts at the repackaging itself. Repacking applications is not a very difficult thing to do most of the time, but it almost always is a lot of repitive and boring work. Oh, and throw in a lot of waiting for things to happen too. To start out with you will want to set up a virtual machine that's configured especially for our purpose.

Preparing the Guest (VM) Computer

  • The computer you install VMware on should have at least 1GB of RAM. Yes, you can do this with less, but you'll find things painfully slow much of the time.
  • Take a Windows XP SP2 source and integrate the latest release of RyanVM's Post-SP2 Update Pack only. No addons and no nLite. We want to have the operating system completely up to date, but we don't want too many extras and we certainly don't want any parts of it missing.
  • Install the following: .NET Framework V1.1 SP1 and V2.0, The latest version of Sun's Java runtime, and Registry Checkup by ParticleG Solutions. You can use whatever registry cleaning utility that you like but I find Registry Checkup to be a nice, simple, small and unobstrusive utility. One benefit is that it isn't overly aggressive at cleaning out the registry, it just cleans up what I want for repacking purposes. Lastly, it leaves only a single registry key and value to clean up later on in the process, but I'll get to that later in the guide.
  • Once you have everything installed, get the interface (meaning Windows Explorer mainly) configured to your liking.
  • Set a static IP address for VMware's AMD NIC.
  • Disable Automatic Updates completely.
  • Disable the indexing service.
  • Do not install any kind of antivirus, antispyware, or firewall software (disable Windows built-in firewall too).
  • If you have a premium hard disk defragmenting utility, you can install that if you like because I also recommend doing a complete offline and then online defrag. In those cases where you need to reboot the VM during the snapshot process, having the virtual hard disk fully defraged will cut down your wait time.
  • Enable the built in folder sharing feature of VMware and define the share on the physical computer as the root of your system drive.
  • Make a shortcut in the VM's Start Menu to the repackager executable on the physical computer. This is usually C:\Program Files\InstallShield\AdminStudio\6.0\Repackager\isrepackager.exe. You will use this shortcut to initiate and then finish off snapshots.
  • Go to Windows Explorer and navigate the tree so that it is exapanded out showing the C drive on your physical computer, but select the C drive on the VM. This way when you restore your snapshot, the tree is already expanded out and you can just click on the drive where your original install .exe files are located.
  • Last step, make a snapshot.

Preparing the Host (physical) Computer

  • Go to the AdminStudio Repackager directory, C:\Program Files\InstallShield\AdminStudio\6.0\Repackager, and open the file Options.ini. Scroll to the bottom and change UseHKCUProxy to equal Y and change UseMergeModules to equal N. The first change will make it so that any HKCU settings in an installer will be applied to the current user and any new user profiles created after the install. The second setting will allow your installers be, in some cases, dramatically smaller. I exclusively use the two step snapshot method which means that I'm getting all of the files the installer puts out, therefore having Repackager include merge modules is not necessary.
  • Create a subdirectory on your system drive called "AutoInstall".
  • Inside of that create a subdirectory called "Apps to Repack". Store the original install .exe files here.
  • Create a subdirectory of AutoInstall called "Final". This is the location to where I place Administrative Installation Points (referred to as AIP going forward).
  • Create a subdirectory of AutoInstall called "Icons". This should be relatively self-explanatory as it contains .ico files. I use IconShop for icon extraction, but there must be several dozen other utilities, both freeware and shareware, that will do the trick.
  • Create a subdirectory of AutoInstall called "Repack". This is where I direct the output from AdminStudio's snapshot. As you can see I have prepopulated the "Final" subdirectory with some files that we'll need for later.

RunHiddenConsole.exe is my preferred choice of bootstrap for launching .msi installs. It's the smallest I've seen and it's never done me wrong. Feel free to use msistub.exe if you like. I know others use it (including Macromedia among others) and it seems to work for them.

Config.txt is the file which will define the single command line action the self extracting installer will take once extracted; more on that later.

And finally, 7zSorg.sfx is the 7-Zip self extracting module we'll be using. Mine is hacked. I can't seem to find the thread here anymore and I don't remember who wrote it, but it was an MSFN thread and there were instructions on how to hack this file with Resource Hacker in order to make your 7-Zip installers totally silent. That's what I did to mine. It's completely silent; no progress bar, no nothing. This is fantastic for those installers you launch from svcpack.inf or RunOnceEx, but it's not so great for those times when you burn a CD for someone that has my Microsoft AntiSpyware installer and you have to tell them "just give it 5 minutes, it should be done by then." So I suggest keeping the original around for those times that you actually do want visible feedback. Here's a tip: associate the .sfx extension with Resource Hacker. It will really come in handy later on.

Phase 1 - Capturing the Application

As an introduction, I'm going to repackage KeePass Password Safe V1.04. This is a pretty "stock" repack with nothing out of the ordinary. I will put together some other lessons of other projects I've done that do include some special circumstances, but for now we'll start out with something easy and to the point. So if you want to follow along make sure you have the KeePass installer file in the Apps to Repack directory and fire up VMware.

  1. Restore your snapshot in VMware.
  2. When the snapshot is done restoring itself you should see Windows Explorer open with focus on the C drive of the VM but the tree expanded to show the host computer and it's C drive. Click on the C drive of the host computer and navigate to the Apps to Repack directory so that the installer is visible in the file pane.
  3. Go to the VM Start Menu and click on the shortcut for the Repackager. when you get the welcome dialog, click on Next.
  4. Choose "Snapshot" and click on Next. Then choose "Multiple Steps (Classic Style)" and click on Next.
  5. When the Repackager is done reading the system state click on Finish. Now double click on the KeePass installer executable.
  6. If you want to change any defaults during the installation, this is the time to do it. Anyone who has used more than a couple of my installers knows that I often deviate from the default. Here I change the install directory to C:\Program Files\Security\KeePass.
  7. On a side note: I pretty much NEVER let installer create desktop or quick launch icons. If they make them without asking, I always delete them.
  8. In this case I will run the program to change some of the default settings. For instance, I go to the options and select the checkbox for "Minimize to tray instead of taskbar". That's a personal choice thing really. When it comes to security and privacy though I usually go on the side of more secure / more private. In the Setup tab under Options there is a button to create a file association for .kdb files. Click it in order to create the association if you like. Since I use PuTTY, I've checked the box to use it for SSH. Check out the other options and make the modifications to suit your tastes.
  9. Another optional step. I go to the All Users Start Menu and rename the KeePass folder to Security and delete the extraneous shortcuts, leaving only the shortcut to the KeePass program itself.
  10. Now go to the directory C:\Program Files\Security\KeePass. Delete the files unins000.dat and unins000.exe. Since we're making an .msi file here, we obviously don't need the uninstaller routine which racks up 660KB in this case. while we're at it delete the url shortcut in the directory.
  11. Go to the VM Start Menu and run Registry Checkup. Kill the registry entry for the missing uninstaller. Close Registry Checkup and go to My Documents in the VM. Delete the folder created by Registry Checkup.
  12. Make sure KeePass isn't still running in the tray. Kill it if it is.
  13. Go to the VM Start Menu and run the Repackager. click on Next when the welcome dialog appears. In the next dialog make sure Snapshot is selected and click on Next. In the next dialog Multiple Steps (Analyze system status changes) should already be selected. Click Next.
  14. In the Product Information dialog, the only fields I fill in are the Product Name and Version. You can fill them all in if you like. For product name I entered "KeePass Password Safe 1.04". The reason I put in the version is so that you can easily tell what versions of software are installed just by looking in Add/Remove Programs. Click Next once you have everything filled out.
  15. For the path of your project, browse to the AutoInstall\Repack directory on the host computer. Click Start. You should receive a warning that you're about to overwrite an existing project. Click Yes.
  16. Once the process is finished click on Finish. Power down the VM and close VMware. Now we'll be working on the "real" computer.
  17. Now we have a bunch of stuff in the Repack directory to deal with. There is a subdirectory called PROGRAMFILESFOLDER which contains all of the captured files. Well all but one. KeePass.ini is not in there. This is because any .ini file associated with an install has it's settings captured and placed in the Repackager .inc script file. Let's open up the file "KeePass Password Safe 1.04.inc" with Notepad. Notice that what you name the project is the name of the project and script files.
  18. There is nothing that we want to change here, which in all honesty, is pretty rare. Often times there will be system related files that need to be excised. If the repackaging process calls for a reboot, AnyDVD is an example, you will have numerous subdirectories and files to delete. This means you would also have to delete them from the script file.
  19. Also take note that the .ini file entries are located in the script file. You can edit these if you see fit. The shortcut definitions are also in the script file. If you are repacking an application that creates advertised shortcuts, you would be well advised to delete the shortcut and create a regular one during the snapshot process. If you don't do this, the shortcut will cause the the build process the error.
  20. A two step snapshot will always create a file called Standard.nir. This file contains the registry entries captured. You will become intimately familiar with the registry if you decide to take on repackin apps as a hobby. A tip here is associate the .nir extension with Notepad. Open Standard.nir with Notepad now.
  21. Delete the following registry entries:

    This is from .NET 1.1. You will find this and if .NET 2.0 is installed, a similar entry directly beneath it.




    I usually find the defrag32 key in there, just delete it. The Tcpip keys are because I didn't follow my own advice above and did not set a static IP. So here you have network settings. Delete these as well.




    Whenever you see a key with "Bags" in it, that means it's a "most recently used" type of entry and it's safe to delete. The next key is the lone entry you'll find from using Registry Checkup and it's safe to delete. And finally at the end, I get the entry on every snapshot capture. Just delete it.

  22. Save and close the file.
  23. At this point I like to use 7-Zip to archive the project. You never know when you'll want to get back to it again. What I do is name the archive "Repack - " followed by the name of the project. So in this case it would be "Repack - KeePass Password Safe V1.04.7z"
  24. Now double click on "Keepass Password Safe 1.04.inc". Disregard the warning dialog box and click on OK. Now go to the Build menu and then select Build (real intelligent planning there by InstallShield).
  25. You will always see the following error in the long spewing list of things done:
    ISDEV : warning -6261: The property ALLUSERS is defined in the property table.  This may result in a setup that is always installed per-machine when it has been advertised as a per-user install. It is recommended that the ALLUSERS property not be defined in the Property table.

    Ignore this, it's meaningless.

  26. Now close Repackager and go back to the Repack directory. Delete all of the files except for the .msi file.
  27. Right click on the .msi file and select "Edit with InstallShield".
  28. The InstallShield Editor will open and you will see a scary looking tree on the left side. Click on Shortcuts. Now the screen will go triple pane. This is when your shiny Dell laptop with a 1920x1440 screen really comes in handy. Navigate the tree in the center pane to the shortcut for KeePass. Left click on the shortcut and the details for it will appear in the third, or right most, pane.
  29. If you notice, the shortcut's property for Advertised is set to Yes. We want to change this to No. I despise advertised shortcuts. They're nothing but trouble. If you want to know more about them, look it up on Microsoft's site.
  30. Back in the center pane again. You will find two directories in every .msi file that are generated by an InstallShield repack. Under "CommonFilesFolder" is a directory named "InstallShield" with a subdirectory named "UpdateService". Right click on the InstallShield directory and select delete. Under "ProgramFilesFolder" is a directory named "My Company Name" with a subdirectory named "My Product Name". Right click on "My Company Name" and select delete.
  31. Back to the tree in the left pane. Click on "Property Manager". On the right side you will see the properties for the .msi file. These are all standard with .msi file generated from a snapshot. If you open up an .msi file from a vendor, there will likely be most of these standard values, plus some custom entries. Some .msi files don't really follow the rules though (Windows Messenger V5 is a perfect example).
  32. The third entry in the list is "AgreeToLicense". I always change this to Yes. It just makes for one less step if someone decides to double click the .msi to install it.
  33. Scroll way down the list to the bottom. The fifth entry from the bottom is "RebootYesNo". I always set this to No. This will NOT suppress a reboot however. It only suppresses whether or not the installer should notify the end user whether or not a reboot is necessary. At the bottom of the property list is a blank line and in the left cell it says "Click here to add a new entry." Click there. Enter in REBOOT (all caps) for the property name. Then click in the cell to the right of that and enter in ReallySuppress. This is what will suppress a reboot. Now KeePass doesn't require a reboot, I'm just pointing it out and showing you what to enter in the event that you do need to put it in.
  34. Click on the floppy disk button on the toolbar to save your changes to the .msi file. Now you should have an .msi file that is suitable for distribution via group policy. You do not want to make a switchless silent installer out of this however. If you do, you're like to get all of those Windows Installer pop ups which will inevitably fail. I'm not going to get into a long discussion about it. This is one of those "trust me" moments.

Phase 2 - Making the Installer

Ok so now we have our .msi file. If you want to you could fire up VMware and take it for a spin to see that it installs and behaves the way you expect it to. I always take the .msi file and archive it away for when I might need it for a group policy environment. Now to make the switchless silent installer.

  1. Rename the file from "KeePass Password Safe 1.04.msi" to "KeePass.msi".
  2. Open a command prompt in the "Repack" directory. This is where the "Open Command Prompt Here" registry tweak comes in handy. Execute the following line at the command prompt: "msiexec /a KeePass.msi"
  3. Direct the AIP to install to "C:\AutoInstall\Final". Now let's go to the "Final" directory.
  4. Make a 7-Zip archive named "KeePass.7z" out of "KeePass.msi", "RunHiddenConsole.exe", and the "program files" subdirectory. By the way, don't think that 7-Zip is perfect. There have been a few times when my installer turned out to be smaller by using WinRAR. When compressing with WinRAR, leave out the "RunHiddenConsole.exe" file. WinRAR can launch .msi based installs all on it's own.
    Note: I'm going to pretty much blast through this as it has been covered previously, most notably by Keytotime who did a fantastic job outlining 7-Zip installer creation. I'm including this for the sake of completeness.
  5. Double click on config.txt. This is what the contents should be:
    RunProgram="RunHiddenConsole.exe /w msiexec /i KeePass.msi /qn"

    Save config.txt. If config.txt was not already encoded in UTF-8, then select "Save as" and make sure that the encoding is set to UTF-8.

  6. Double click on 7zSorg.sfx (you did associate .sfx with Resource Hacker right?). Expand the "Icon Group" branch, then expand the "159" branch, then right click on 1033 and select "Replace Resource". Click on the button "Open file with new icon" and browse to your desired .ico file and select it. Click on the "Replace" button. Go to the File menu and select Save. Exit Resource Hacker. You can delete the file 7zSorg_original.sfx.
  7. Drop to a command prompt in the "Final" directory.
  8. Execute the following command: "upx -9 -o7zS.sfx 7zSorg.sfx" (forgot to mention earlier that you will need to get UPX)
  9. Now execute this command: "copy /b 7zS.sfx + config.txt + KeePass.7z KeePass.exe"
  10. There you have it. A switchles silent installer. Now what you need to do is TEST IT! Don't go posting installers that you haven't tested. There's like 10 million things that could wrong and the first time you post an installer without properly testing it is when one of those things goes wrong. Believe me I've committed this most serious of MSFN faux pas and it ain't pretty. If you plan on advertising this installer as being usable from svcpack.inf, then for God's sake test it from svcpack.inf.

I will edit this thread shortly to add in constructing the installer with WinRAR. Also, I will put together more run throughs that tackle some trickier installations and point out more tips and tricks. So stay tuned...

The attachment in this post is a 7-Zip archive that contains the 7zSorg.sfx that I use (it's modified for completely silent use), a sample config.txt, and RunHiddenConsole.


Edited by RogueSpear
Link to comment
Share on other sites

  • 1 month later...

I've been administering AD environments since Windows 2000 was around SP1 and advertised shortcuts are nothing but trouble. Now I never deploy apps through a GPO any other way than computer assigned. But back on topic. Advertised shortcuts in repacks that are made into switchless silent installers is a huge no no.

All of the .msi files that I have posted for download use unadvertised shortcuts and I use them daily in AD environments. So they really aren't mandatory. Perhaps they are mandatory if you advertise the app rather than push it.

Link to comment
Share on other sites

Well when you "assign" an application to a computer and the shortcuts are advertised, I've seen it where every single launch of the application will trigger an msi action. And this isn't even just with repackaged apps either. Problem #2: Advertised shortcuts frequently cause the same problem if you make a switchless silent installer out of it. Considering the is no purpose whatsoever to an advertised shortcut, other than if you actually advertise the program, I see no reason keep the shortcuts as advertised. I have to be honest, you are the first person I've ever encountered who deploys applications in this way. Most admins know what they want installed on the computers in their network and simply assign them to domain or the OU, taking any user interaction (or lack of action) out of the equation.

Link to comment
Share on other sites

Understood. Well, we advertised for big accounts, such as Total or Societe Generale or Dassault... but there's a point we've missed in the discussion : in all cases, we keep a repository, with packages in read-only for all users. Of course, when making a run-once switchless installer, you'd choose to delete the msi. Then, sure, don't advertise.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Create New...