Sep 24 2019 10:27 AM
Sep 24 2019 10:27 AM
I'm looking for a way to allow apps to write to the local registry rather than the virtual one, either via exclusions or a manifest type file (In App-V, I just used to pop an exclusion in the registry)
The key will always be the same location for all apps.
Any suggestions welcome :)
Sep 30 2019 06:04 PM - edited Oct 01 2019 01:35 PM
The default answer is to not disable registry virtualization, of course. But the full answer is that there's no write virtualization for HKLM writes (those go to the real registry); writes to HKCU are virtualized, but they can be disabled by specifying a manifest property that disables registry virtualization: RegistryWriteVirtualization (https://docs.microsoft.com/en-us/uwp/schemas/appxpackage/uapmanifestschema/element-desktop6-registr...). This property requires a restricted capability (see link).
Edit: Restricted capabilities, which require approval for Microsoft Store submission and/or are generally only available to Microsoft and certain partners.
Oct 01 2019 01:23 PM
Hi@JeffWhiteside . After you add
RegistryWriteVirtualization and FileSystemWriteVirtualization, when you try to install the MSIX package, indeed these capabilities appear.
"Write registry entries and files that are not cleaned up on uninstall".
However, when you try to install it, you receive the following error "This app package is not supported for installation by App Installer because it uses certain restricted capabilities.".
The xmlns:rescap XML namespace declaration is added in the package manifest.
The only way i got this to install is by running powershell as admin and use add-appxpackage.
Am i missing something?
Oct 01 2019 06:23 PM
Hi @alexmarin89 ,
Our policy is currently that AppInstaller does not support installing applications with these restricted capabilities as you observed.
Currently, the work around of using the elevated powershell command is a good option.
May 04 2020 02:55 PM
Just wanted to add a note to this: Prior to 20-04 OS, the PSF Scripting could trigger a cmd file to run outside of the container, but be aware that as of 20-04 these now run inside the container (even if you ask not to). So yeah, as James suggested you've landed on the best option these days.