Search code examples
wixregistrysid

Writing To Registry Using SID For Permission Instead Of Group Name

When writing a registry value, is there a way to use the SID instead of the group name? E.g. currently I have:

<Component Id="RegistryEntries" Guid="{------sanitized------}">
    <RegistryKey Root="HKLM" Key="------sanitized------" ForceCreateOnInstall="yes">
        <Permission User="Users" GenericRead="yes" Read="yes" GenericWrite="yes" />
        <RegistryValue Name="ServerName" Action="write" Type="string" Value="" KeyPath="yes">
            <Permission User="Users" GenericRead="yes" Read="yes" GenericWrite="yes" />
        </RegistryValue>                
    </RegistryKey>
</Component>

which normally works, but fails in non-English languages, because of the "Users" name being translated. If I change the Permission elements to the SIDs, it should work (imo) but it does not:

<Component Id="RegistryEntries" Guid="{------sanitized------}">
    <RegistryKey Root="HKLM" Key="------sanitized------" ForceCreateOnInstall="yes">
        <Permission User="S-1-5-32-545" GenericRead="yes" Read="yes" GenericWrite="yes" />
        <RegistryValue Name="ServerName" Action="write" Type="string" Value="" KeyPath="yes">
            <Permission User="S-1-5-32-545" GenericRead="yes" Read="yes" GenericWrite="yes" />
        </RegistryValue>
    </RegistryKey>
</Component>

Instead it tries to search for a group literally called "S-1-5-32-545". Is there a way to do what I'm trying to do here? I know other non-wix installers can do this, but there is no information in the wix documentation on such things.

Solution

  • I had a very similar problem and could solve it:

    • Using <PermissionEx> from the Wix Util Extension instead of using <Permission>.
    • Using the built-in custom action WixQueryOsWellKnownSID to get the localized name of the Users group.

    First, you need to add the WixUtilExtension reference to your project. Then, you need to add the WixUtil namespace to your wxs source file:

    xmlns:util="http://schemas.microsoft.com/wix/UtilExtension"

    So now you can use the PermissionEx element from the Wix Util Extension:

    <util:PermissionEx User="[WIX_ACCOUNT_USERS]" GenericAll="yes" />

    To make the property WIX_ACCOUNT_USERS available, you need to (implicitly) call the built-in custom action WixQueryOsWellKnownSID by adding a property reference to your <Product>:

    <PropertyRef Id="WIX_ACCOUNT_USERS" />

    This works for me using Wix 3.10 on Windows 10 (English and German)