[joemarriott]

Hi Everyone,

Anyone know how to get a customed logmein.msi file to install correctly using a group policy deployment?

The logmein MSI file I've created runs fine on multiple machines and doesn't show any errors when run manually by double clicking the MSI in windows explorer. The machines show up in the logmein website fine. Whenever the MSI tries to install via a Group Policy object it fails and the only information I can find in the event log is an entry saying:

"The assignment of application LogMeIn from policy SW LogMeIn failed. The error was : Fatal error during installation. "

After turning on logging for MSI I get the following information:
=== Verbose logging started: 24/07/2008 15:31:13 Build type: SHIP UNICODE 3.01.4000.4042 Calling process: \??\C:\WINDOWS\system32\winlogon.exe ===
MSI © (78:38) [15:31:13:061]: User policy value 'DisableRollback' is 0
MSI © (78:38) [15:31:13:061]: Machine policy value 'DisableRollback' is 0
1: 2905 2: C:\WINDOWS\system32\appmgmt\MACHINE\{de320eb6-dcc9-4868-a418-1c5f027a6a9c}.aas
MSI © (78:38) [15:31:13:093]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2
MSI © (78:38) [15:31:13:093]: DoAdvertiseScript is returning: 1603
=== Verbose logging stopped: 24/07/2008 15:31:13 ===

I'm thinking the issue is related to the fact that the install is running under the SYSTEM account and that theres maybe a limited windows profile loaded etc. Can someone help me fix it please?

Much appreciated,
Joe

[gizzmo]

Well I've used the tips slimbyte has given on various boards to make the logmein auto install, it works flawlessly (unless i hit group policy issues which is understandable) BUT recently someone else has added me as a Administrator on their LogMeIn account giving my account TWO profiles....so now when i run my custom install it fails because it doesnt know what profile to install under....I cant find a *.msi file switch that will tell it to use my account.....

Thoughts? Ideas?

[nabilalk]

gizzmo, on Aug 6 2008, 03:57 PM, said:

Well I've used the tips slimbyte has given on various boards to make the logmein auto install, it works flawlessly (unless i hit group policy issues which is understandable) BUT recently someone else has added me as a Administrator on their LogMeIn account giving my account TWO profiles....so now when i run my custom install it fails because it doesnt know what profile to install under....I cant find a *.msi file switch that will tell it to use my account.....

Thoughts? Ideas?

Would you mind providing some urls to slimbyte's tips that you referenced?

Thanks!

-NKA

[gizzmo]

nabilalk, on Aug 6 2008, 03:11 PM, said:

gizzmo, on Aug 6 2008, 03:57 PM, said:

Well I've used the tips slimbyte has given on various boards to make the logmein auto install, it works flawlessly (unless i hit group policy issues which is understandable) BUT recently someone else has added me as a Administrator on their LogMeIn account giving my account TWO profiles....so now when i run my custom install it fails because it doesnt know what profile to install under....I cant find a *.msi file switch that will tell it to use my account.....

Thoughts? Ideas?

Would you mind providing some urls to slimbyte's tips that you referenced?

Thanks!

-NKA

He is thread three in this big thread...

http://www.msfn.org/board/Silent-Install-o...ded#entry678473

That same issue has been copied onto other boards through out the Internet...I used it to kick start my learning into customizing the install...but I cant seem to find a way around my current issue...

[starsipping]

Alas, despite following all the advice in this post I keep getting the popup after the silent install that states "Could not attach this computer to your LogMeIn account. Please open LogMeIn and confirm your account details" following the successful silent installation.

Here's what I've done so far following the advice of these posts:

• Using Orca, I've modified the LogMeIn.msi file freshly downloaded from the LogMeIn.com website
  
• I added all the suggested changes, in the following order:

• 1. on InstallExecuteSequence table, find GetDeployInfo action and change condition from: UILevel=2 AND UPGRADEPRODUCT<>1 AND InstallMode<>"Remove" into: UPGRADEPRODUCT<>1 AND InstallMode<>"Remove"
  
• 2. on InstallExecuteSequence table add following 3 actions: action: GetLMIRegistrationCookie condition: NOT Installed sequence: 3710 action: LMIGetLicense condition: NOT Installed sequence: 3730 action: LMIGetLicenseForProfile condition: NOT Installed sequence: 3720
  
• 3. on Property table change following property: find LicenseType property and change value from: IT into: free
  
• 4. on InstallExecuteSequence table, find CreateUserSetProperty action and change condition from: CANCREATEUSER AND PASSWORDSOK="true" AND VersionNT AND REMOVE<>"ALL" into: VersionNT AND REMOVE<>"ALL"
  
• 5. on InstallExecuteSequence table, find CreateUser action and change condition from: CANCREATEUSER AND PASSWORDSOK="true" AND VersionNT AND REMOVE<>"ALL" into: VersionNT AND REMOVE<>"ALL"

• I made sure that when I saved the "LogMeIn.msi" file after editing it with Orca that the file size was 9,776KB both before and after the minor modificatoins listed above so it's a valid and functional file.
  
• I created a custom batch file that has the following commandline: msiexec.exe /qn /i "y:\logmein.msi" USERPASSWORD=pcpassword USERVERIFYPWD=pcpassword USEREMAIL=email@email.com USERWEBPASSWORD=password LicenseType=free

I used the same password for "pcpassword" alluded above and the "email@email.com" and "password" were the valid e-mail/password that I use to log into my account at https://www.logmein.com. Any idea what I'm doing wrong? My goal is to get a truly silent installation that I can push out via login script.

Thanks in advance for any advice!

[imekul]

nabilalk, on Jul 20 2008, 12:32 AM, said:

The only issue that I still have, is that anyone who you send the Custom LogMeIn install will have access to your LogMeIn account online, because they can just get your email and LogMeIn password from the batch file. Anyone know of a way to protect this information from clients?

-NKA
PS: Sorry for the Caps, but that is how they are displayed in Orca and the batch.

Hi there. I'm brand-new here, but I have an idea as to how to solve the password issue. I was wondering this myself. I love the idea of a silent, one-click install and everything, but I'm a little uneasy about having my account login details included in every file I send to somebody. Even though most people probably won't be savvy enough to find the password, I still don't want to have that floating around there.

So, how about this? LogMeIn Free lets you create a list of security codes that are good for one use only. The procedure is, you enter in your e-mail and password to log in, and then immediately after that, you're asked for the security code. Once you enter that, you're in. LMI gives you the option to generate some 40 of these random, one-time-use codes. So you can generate a list of 40, print them (or store them on your phone or wherever), and then just use them whenever you need to log in. And then, you can just change your LMI account password to some throwaway password, as the main security will be coming from the random security codes.

How does that sound? I'm trying to think of any flaws in this idea, but offhand it seems like it might be the perfect secure solution for this.

Another option, which really isn't all that appealing, is to temporarily change your account password whenever you deploy the MSI, and then once the client has it installed, you change your LMI password back to your original one. But still, this way, there's the possibility that the user could log in to your account before you change your password back.

What do you guys think of the idea of the security code? I understand it would be a little more cumbersome, but do you think it's worth it? Or has anybody else found a better way to deploy the MSI like this without having their account password floating around in a batch file or something?

I'd appreciate your thoughts!

Luke

This post has been edited by imekul: 17 September 2008 - 09:39 PM

[oskingen]

I have downloaded the latest release of logmein and i'm experiencing an error everytime i tried the silent install. Have you this also ?
error: directory x64 not found

[starsipping]

imekul, on Sep 17 2008, 11:38 PM, said:

nabilalk, on Jul 20 2008, 12:32 AM, said:

The only issue that I still have, is that anyone who you send the Custom LogMeIn install will have access to your LogMeIn account online, because they can just get your email and LogMeIn password from the batch file. Anyone know of a way to protect this information from clients?

-NKA
PS: Sorry for the Caps, but that is how they are displayed in Orca and the batch.

Hi there. I'm brand-new here, but I have an idea as to how to solve the password issue. I was wondering this myself. I love the idea of a silent, one-click install and everything, but I'm a little uneasy about having my account login details included in every file I send to somebody. Even though most people probably won't be savvy enough to find the password, I still don't want to have that floating around there.

So, how about this? LogMeIn Free lets you create a list of security codes that are good for one use only. The procedure is, you enter in your e-mail and password to log in, and then immediately after that, you're asked for the security code. Once you enter that, you're in. LMI gives you the option to generate some 40 of these random, one-time-use codes. So you can generate a list of 40, print them (or store them on your phone or wherever), and then just use them whenever you need to log in. And then, you can just change your LMI account password to some throwaway password, as the main security will be coming from the random security codes.

How does that sound? I'm trying to think of any flaws in this idea, but offhand it seems like it might be the perfect secure solution for this.

Another option, which really isn't all that appealing, is to temporarily change your account password whenever you deploy the MSI, and then once the client has it installed, you change your LMI password back to your original one. But still, this way, there's the possibility that the user could log in to your account before you change your password back.

What do you guys think of the idea of the security code? I understand it would be a little more cumbersome, but do you think it's worth it? Or has anybody else found a better way to deploy the MSI like this without having their account password floating around in a batch file or something?

I'd appreciate your thoughts!

Luke

The solution I used was similar to yours - I created a second LMI "User" account (not an administrator account) with rights only to the Unassigned group. Then, we use this account to add new machines via a script and just monitor the Unassigned group every few days or so and move newly added machines out of it. That way, the account that's embedded in the script cannot do much of anything other than add machines, and once we move the machines out of the "Unassigned" area, problem solved!

Also, we added to our batch file for the silent LMI install to run the "net user /d LogMeInRemoteUser" command after finishing the install to purge this local user account. That way, the pesky "Computer Access Code" is removed as the default option when you try to remotely administer a machine from www.logmein.com.

[Pelekan]

hannubys, on Sep 25 2008, 08:06 AM, said:

I have downloaded the latest release of logmein and i'm experiencing an error everytime i tried the silent install. Have you this also ?
error: directory x64 not found

I have the same issue. Any solutions?

[Pelekan]

OK. After few test i've found that if i use command:

msiexec.exe /qr /i "y:\logmein.msi" USERPASSWORD=pcpassword USERVERIFYPWD=pcpassword USEREMAIL=email@email.com USERWEBPASSWORD=password LicenseType=free

I'm can install LogMeIn, but during installation i still getting error message: "Profile does not exist"

[markdamen]

Does anybody know if this still works with the Version 4 install of logmein.msi. Its just that the options specifed above for changing in ORCA do not appear in the .msi that I have downloaded today.

Thanks

[Pelekan]

markdamen, on Oct 6 2008, 01:43 PM, said:

Does anybody know if this still works with the Version 4 install of logmein.msi. Its just that the options specifed above for changing in ORCA do not appear in the .msi that I have downloaded today.

Thanks

Yes, this still works. I've just one problem with this, I'm getting error message: "Profile does not exist".
I've done Autoit sctipt (just few lines, to eliminate this message.

[Nunos]

Okay so I am a complete noob but I can not get this to work for me. Also I am looking for a way to build this so i don't have to send a batch file that the customer can edit to get the username and password with. I tried the Inno Setup as mentioned on page one but I am unable to make it work. Anyone have this working in a switchless installer or some sort of package that can be deployed via a website? Sorry if I sound like a complete NOOB but then again I are one

[stetrault]

Pelekan, on Oct 6 2008, 05:53 PM, said:

markdamen, on Oct 6 2008, 01:43 PM, said:

Does anybody know if this still works with the Version 4 install of logmein.msi. Its just that the options specifed above for changing in ORCA do not appear in the .msi that I have downloaded today.

Thanks

Yes, this still works. I've just one problem with this, I'm getting error message: "Profile does not exist".
I've done Autoit sctipt (just few lines, to eliminate this message.

I am having the same problems, i also tried Autoit to fix the problem, but i have no success so far
It is possible for you to share your Autoit script code with us? ( Without the passwords )

[Pelekan]

stetrault, on Oct 20 2008, 09:44 AM, said:

Pelekan, on Oct 6 2008, 05:53 PM, said:

markdamen, on Oct 6 2008, 01:43 PM, said:

Does anybody know if this still works with the Version 4 install of logmein.msi. Its just that the options specifed above for changing in ORCA do not appear in the .msi that I have downloaded today.

Thanks

Yes, this still works. I've just one problem with this, I'm getting error message: "Profile does not exist".
I've done Autoit sctipt (just few lines, to eliminate this message.

I am having the same problems, i also tried Autoit to fix the problem, but i have no success so far
It is possible for you to share your Autoit script code with us? ( Without the passwords )

No Problem .
Here it is:

#NoTrayIcon
Opt("WinTitleMatchMode", 2)

Run("msiexec /qr /i LogMeIn.msi")

WinWaitActive("LogMeIn Installation", "The following error occurred while registering with LogMeIn.com:")
Send("{ENTER}")

[Cartman-SRK]

markdamen, on Oct 6 2008, 02:43 PM, said:

Does anybody know if this still works with the Version 4 install of logmein.msi. Its just that the options specifed above for changing in ORCA do not appear in the .msi that I have downloaded today.

Thanks

It worked with that version. The new 4.0.784 is not working for me. I am getting an 1603 error message with the most current version. after changing the installer with orca. Just using the psexec script to run it. Any Ideas?

[Pelekan]

Cartman-SRK, on Oct 20 2008, 10:35 AM, said:

markdamen, on Oct 6 2008, 02:43 PM, said:

Does anybody know if this still works with the Version 4 install of logmein.msi. Its just that the options specifed above for changing in ORCA do not appear in the .msi that I have downloaded today.

Thanks

It worked with that version. The new 4.0.784 is not working for me. I am getting an 1603 error message with the most current version. after changing the installer with orca. Just using the psexec script to run it. Any Ideas?

Let's try move psexec out . Try to run the installation from local drive, let's say from C:\INS\.....

I've seen 1603 error when i tried to run MSI files from network.

[Cartman-SRK]

with out psexec I am still getting an error message, but it is not showing on the screen since it is running quiet. BTw I do have the file on the machine I am trying to run it on.

[Pelekan]

Cartman-SRK, on Oct 20 2008, 10:48 AM, said:

with out psexec I am still getting an error message, but it is not showing on the screen since it is running quiet. BTw I do have the file on the machine I am trying to run it on.

can you provide the whole command you are running?

[Cartman-SRK]

Pelekan, on Oct 20 2008, 11:50 AM, said:

Cartman-SRK, on Oct 20 2008, 10:48 AM, said:

with out psexec I am still getting an error message, but it is not showing on the screen since it is running quiet. BTw I do have the file on the machine I am trying to run it on.

can you provide the whole command you are running?

psexec \\Machinename -u UserID -p UserPW cmd /c c:\regfiles\logmein.msi /quiet USERPASSWORD=UserPW USERVERIFYPWD=UserPW USEREMAIL=user@site.com USERWEBPASSWORD=UserPw LicenseType=free

Names have been changed to protect the innocent. The user ID and password are to a local admin account.