Search code examples
c#windowswixenvironment-variablesuser-accounts

Create environment variables for a new user in C#


We are trying to build an installer, in Wix, for a product. Part of this product requires the installation of elasticsearch as a service, and getting it running as a service. The service should run under a separate user account.

The first step, getting the user account set up, has been successful. However, in order to allow elasticsearch to run correctly, we need to set up certain Environment variables. In order to reduce the chance of inadvertent user error, we will have to have these variables set under the elasticsearch user, not as machine-wide.

To this end, we need a way to create the variables under the specified user only. However, we have not yet been able to work out a way to do this, either using Wix or a C# extension.

The closest we have come is to query the ManagementObject in C# and discover the SID for our ELASTICUSER. We should, in theory, be able to write another environment variable to the Registry, under "HKEY_USERS\<SID>\Environment", as shown.

        var query = new SelectQuery("Win32_UserAccount");
        var manObjSearch = new ManagementObjectSearcher(query);
        var stringToWrite = string.Empty;
        foreach (var envVar in manObjSearch.Get())
        {
            if (envVar["Name"].ToString().ToUpperInvariant() == "ELASTICUSER")
            {
                elasticUserSid = envVar["SID"].ToString();
            }
        }

        using (var key = Registry.Users.OpenSubKey(elasticUserSid + "\\Environment"))
        {
            if (key == null)
            {
                return;
            }

            key.SetValue("OurVariable", "Value");
        }

However, it appears that the SID is not created in the Registry until the user first logs in.

So, is there any way to use either Wix, or in C# to create an environment variable for a newly created user that has never logged in?


Solution

  • Yes, from C# you can P/Invoke the LoadUserProfile Win32 API function. This will create the user's profile if it does not already exist, and load the user's registry hive.

    I would not recommend this approach for an account that will be used for interactive logons, but it should be safe enough for a service account.