May 31 2022 11:21 PM
Hi,
We have a service that we deploy using msix, all is working, however we now need to have the service automatic updated wihtout user interaction. We deploy the service outside microsoft store and want it to be like that for now... Ive implemented a small command line utility that i run that will run
[E:\WinUiPackage\TeklaTBone\TeklaTBoneMsix_1.2.43.0_Test] cmd /c powershell -command "Add-AppxPackage -ForceApplicationShutdown -Path E:\WinUiPackage\TeklaTBone\TeklaTBoneMsix_1.2.43.0_Test\TeklaTBoneMsix_1.2.43.0_AnyCPU.msixbundle"
when running this outside the service the utility works fine. However when i run under the service, and under SYSTEM account i get:
Install Msix E:\WinUiPackage\TeklaTBone\TeklaTBoneMsix_1.2.44.0_Test\TeklaTBoneMsix_1.2.44.0_AnyCPU.msixbundle
[C:\WINDOWS\system32] cmd /c powershell -command "Add-AppxPackage -ForceApplicationShutdown -Path E:\WinUiPackage\TeklaTBone\TeklaTBoneMsix_1.2.44.0_Test\TeklaTBoneMsix_1.2.44.0_AnyCPU.msixbundle"
Result: Add-AppxPackage : Deployment failed with HRESULT: 0x80073CF9, Install failed. Please contact your software vendor.
(Exception from HRESULT: 0x80073CF9)
Deployment Add operation rejected on package 66daac85-c649-42b7-b4ee-0deca2697f95_1.2.44.0_neutral_~_63fv57jsaj22j
from: TeklaTBoneMsix_1.2.44.0_AnyCPU.msixbundle install request because the Local System account is not allowed to
perform this operation.
NOTE: For additional information, look for [ActivityId] 2a54b8ab-74ad-000d-8580-552aad74d801 in the Event Log or use
the command line Get-AppPackageLog -ActivityID 2a54b8ab-74ad-000d-8580-552aad74d801
At line:1 char:1
+ Add-AppxPackage -ForceApplicationShutdown -Path E:\WinUiPackage\Tekla ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : WriteError: (E:\WinUiPackage...yCPU.msixbundle:String) [Add-AppxPackage], IOException
+ FullyQualifiedErrorId : DeploymentError,Microsoft.Windows.Appx.PackageManager.Commands.AddAppxPackageCommand
Its clear that the security for this account doesnt allow us to install the app. What are the alternatives here?
Ive tryed both runas, and elevate utilities... they both lock the process because they are requisting user interaction. either pass or uac bypass... Since we dont have the admin password so we can run it as admin account what are our alternatives there?
thanks in advance
jorge costa
Dec 29 2022 05:23 AM
Jan 11 2023 12:19 AM
Hi @jocs Can you please confirm if this worked for you? This will really help us debug the issue. Thanks
Oct 03 2023 08:24 PM
@jocs
Based on the docs here..
MSIX doesn't support windows services that need to run under system accounts. I think you need to fall back to MSI if you need to install a service under a system account. Or run some sort of custom script post install to configure it..
Your application requires a kernel-mode driver or a Windows service. MSIX does not support a kernel-mode driver or a Windows service that needs to run under a system account. Instead of a Windows service, use a background task.
Oct 04 2023 07:22 AM
@jocs I am assuming that you didn't really mean the System account, but that you were elevating from a user account, which is different...
The intended way to automate update MSIX apps (even those with services) is one of the following:
Trying to start that install from within the package directly is something that I don't think is going to work.