Windows Service Msix Automatic Update - in SYSTEM ACCOUNT

Occasional Contributor



We have a service that we deploy using msix, all is working, however we now need to have the service automatic updated wihtout user interaction. We deploy the service outside microsoft store and want it to be like that for now... Ive implemented a small command line utility that i run that will run 


[E:\WinUiPackage\TeklaTBone\TeklaTBoneMsix_1.2.43.0_Test] cmd /c powershell -command "Add-AppxPackage -ForceApplicationShutdown -Path E:\WinUiPackage\TeklaTBone\TeklaTBoneMsix_1.2.43.0_Test\TeklaTBoneMsix_1.2.43.0_AnyCPU.msixbundle"


when running this outside the service the utility works fine. However when i run under the service, and under SYSTEM account i get:


Install Msix E:\WinUiPackage\TeklaTBone\TeklaTBoneMsix_1.2.44.0_Test\TeklaTBoneMsix_1.2.44.0_AnyCPU.msixbundle
[C:\WINDOWS\system32] cmd /c powershell -command "Add-AppxPackage -ForceApplicationShutdown -Path E:\WinUiPackage\TeklaTBone\TeklaTBoneMsix_1.2.44.0_Test\TeklaTBoneMsix_1.2.44.0_AnyCPU.msixbundle"
Result: Add-AppxPackage : Deployment failed with HRESULT: 0x80073CF9, Install failed. Please contact your software vendor.
(Exception from HRESULT: 0x80073CF9)
Deployment Add operation rejected on package 66daac85-c649-42b7-b4ee-0deca2697f95_1.2.44.0_neutral_~_63fv57jsaj22j
from: TeklaTBoneMsix_1.2.44.0_AnyCPU.msixbundle install request because the Local System account is not allowed to
perform this operation.
NOTE: For additional information, look for [ActivityId] 2a54b8ab-74ad-000d-8580-552aad74d801 in the Event Log or use
the command line Get-AppPackageLog -ActivityID 2a54b8ab-74ad-000d-8580-552aad74d801
At line:1 char:1
+ Add-AppxPackage -ForceApplicationShutdown -Path E:\WinUiPackage\Tekla ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : WriteError: (E:\WinUiPackage...yCPU.msixbundle:String) [Add-AppxPackage], IOException
+ FullyQualifiedErrorId : DeploymentError,Microsoft.Windows.Appx.PackageManager.Commands.AddAppxPackageCommand



Its clear that the security for this account doesnt allow us to install the app. What are the alternatives here?


Ive tryed both runas, and elevate utilities... they both lock the process because they are requisting user interaction. either pass or uac bypass... Since we dont have the admin password so we can run it as admin account what are our alternatives there?


thanks in advance

jorge costa


0 Replies