Introduction
The goal of this document is to collect instructions for performing unattended / silent installations of many popular application installers. Such instructions are useful for automating these installations.
A quick word on terminology: Strictly speaking, an unattended installation is one which does not require user interaction, and a silent (or quiet) installation is one which does not display any indication of its progress. However, most people use these terms interchangeably.
Here, we are interested not only in performing unattended installations, but also in waiting for those installations to finish and suppressing any reboot they might want to perform. This is necessary for reliably installing multiple applications.
General information
There are several systems which vendors use to create installers for their applications. To make an educated guess about how to run an installer unattended, you need to know which system was used to create it. Sometimes this will be obvious from the installer's splash screen; sometimes you can figure it out by running strings; and sometimes you will have to guess.
Of course, you can try running the installer with the /?
switch to
find out which other switches it supports. But if you really expect this to work,
then you have not been using Windows for very long. In my experience, the odds
are about 1 in 4 that /?
will tell you anything at all, even when
there is something to tell.
MSI packages
Microsoft's own Windows Installer Service is the nominal standard, and if everybody used it, there would be no need for this document. Unfortunately, Microsoft invented it too late.
The package files have a .msi
extension, and you manipulate them
using the msiexec
utility.
For installation, use the /i
and /qb
switches. Use the
/l*
switch to produce a log file. You can provide named options (or
"properties") at the end of the command line; which
properties are supported depends on the package. For example, this command:
msiexec /qb /l* perl-log.txt /i ActivePerl.msi PERL_PATH=Yes PERL_EXT=Yes
...is how you install ActiveState Perl, instructing the MSI package to add
Perl.exe to your PATH
and to associate .pl
files with
it.
Perhaps the most important common property is the REBOOT property, which you can use to suppress any automatic
reboot the MSI package might try to perform. So in general, you want to provide
the /i
, /qb
, and REBOOT=ReallySuppress
parameters to msiexec
.
msiexec
can do many other things, like uninstall software or apply
patches. Neat, huh? Too bad nobody uses it.
InstallShield
InstallShield is one of the oldest and most widely used application packaging systems.
Installers created by InstallShield recognize the /r
, /s
, /sms
, /f1
, and /f2
switches.
The installer itself is invariably named setup.exe
.
To perform a silent installation, you need an InstallShield "answer
file", customarily named setup.iss
. Some applications ship with
such a file, but if yours does not, you can use the graphical installer itself to
create one.
Here is how it works. Run the installer with the /r
("record") switch. Proceed through the dialogs and complete the
installation. This will create a setup.iss
file and place it in the
C:\WINDOWS
directory (yes, really). This file will include all of
your responses to the InstallShield dialogs, allowing you to perform unattended
installations as if you were giving the same answers again. Simply copy setup.iss
to the same directory as the installer executable.
Once you have a setup.iss
file, run the installer with the /s
("silent") option. This will perform an unattended
installation.
Unfortunately, the installer will fork a separate process and exit, meaning it
will return immediately even if you run it under start /wait
.
This makes it useless for scripting purposes. Luckily, there is another switch,
/sms
, which will cause the installer to pause until the installation
completes.
Hence, for an InstallShield application, you want to provide both the /s
and the /sms
switches.
The /f1filename
switch allows you to specify a
fully-qualified alternate name for the setup.iss
file. Note that
there must be no space between the /f1
switch and
the file name. This switch works both with /r
to create the file and
with /s
to read it.
The /f2filename
switch specifies a log file. Once again,
there must be no space between the switch and the file name.
WARNING: Be careful what characters you use in these file names, because InstallShield silently strips certain non-alphanumerics (like hyphens).
Oh, one more thing. The /r
and /s
switches only work
if the release engineer is competent. Many packages have "custom
dialogs" which are not supported by setup.iss
, which means the
dialogs will always appear no matter what you do. For such packages, I suggest
asking the vendor to fix their installer. If that does not work, I suggest doing
what you can to deprive them of business.
PackagefortheWeb
InstallShield has a relatively new add-on product called PackagefortheWeb, or PFTW for short. This is basically an InstallShield tree bundled up as a single-file executable.
When you run this executable, it extracts a bunch of files to a temporary
directory and launches the setup.exe
within.
The PFTW package recognizes the /s
and /a ...
switches. The /s
switch instructs the PFTW package to run silently,
although this does not necessarily mean that the underlying setup.exe
will run silently.
The /a ...
("add") switch allows you to add switches
to the command line of the underlying setup.exe
process. You may
provide any of the normal InstallShield switches here, including /r
,
/s
, and /sms
.
Thus, to automate the installation of a PFTW package named foo.exe
,
you would first perform one installation by hand to create the answer file:
foo.exe /a /r /f1c:\temp\foo.iss
Then, to install the package completely silently, you would run:
start /wait foo.exe /s /a /s /sms /f1c:\temp\foo.iss
The first /s
is only needed for a completely silent installation.
If you leave it off, the PFTW package will show you a status bar as it extracts
the InstallShield tree to the temporary directory.
InstallShield with MSI
Recent versions (7 and above) of InstallShield's tools are able to produce MSI files. Read InstallShield's documentation for full details.
These MSI files may be shipped alone or with a setup.exe
installer.
These installers in turn come in two flavors, called "InstallScript
MSI" and "Basic MSI". InstallScript MSI uses the traditional InstallShield switches. Basic MSI is
another story.
To perform an unattended installation using a Basic MSI installer, you provide
the /s /v"..."
switches, where ...
represents any additional switches you want to pass down to msiexec
.
These should include the /qb
(or /qn
) switch to make
the installation non-interactive, so a minimal invocation would be:
setup.exe /s /v"/qb"
Just to make things interesting, any of these mechanisms might be combined with PFTW. For example, we eventually figured out that the IBM Update Connector requires these flags for unattended installation:
updcon532.exe /s /a /s /v"/qb"
The first /s
tells the PFTW installer to extract silently. The
/a
tells it to provide the remaining switches to the underlying
setup.exe
. The second /s
tells setup.exe
to run silently, while the /v"/qb"
tells it to pass /qb
to msiexec
, which causes msiexec
to run
non-interactively but display a basic interface.
Finally, InstallShield has a KnowledgeBase article which is less helpful than you might expect. Are we having fun yet?
Wise InstallMaster
InstallMaster from Wise Solutions is a competitor to InstallShield. You can usually identify the installers it produces by running "strings" on the executable and grepping for "Wise".
InstallMaster installers are supposed to recognize the /s
switch to
perform a silent installation. And in our experience, they generally do. But
there is no way to set options, and the exit status is meaningless.
Note: This product has been rebranded the "Wise Installation System". Don't let them confuse you.
Inno Setup
Inno Setup is an open source competitor in this space. You can usually identify the installers it creates by running "strings" on the executable and grepping for "Inno".
The switches for Inno Setup are fully documented in the ISetup.hlp
file in the Inno distribution.
Here, is an html version. Thanks to
Lawrence Mayer for it.
In our experience, the /silent
switch is usually sufficient for a
basic unattended installation. But to be completely sure, we recommend /sp- /silent /norestart
.
Note that the /verysilent
switch may reboot the machine without
prompting, which is pretty much the worst of all possible worlds. So if you use
/verysilent
, be sure to use /norestart
as well.
Nullsoft Scriptable Install System
The Nullsoft Scriptable Install System (NSIS) is another open source installation system. It was created by the WinAmp authors to distribute that application, but it is now a general-purpose system which anyone might use.
When an NSIS installer runs, it creates a little window which says verifying installer: N%
, where N
counts from 0 to
100. So you can recognize these installers by this behavior. (Actually the
verification procedure is optional, but most installers have it enabled. As an
alternative, you can run "strings" and grep for "NSIS").
NSIS installers recognize /S
for silent installation,
/NCRC
to suppress the CRC (verification) step, and /D=dir
to specify the "output directory", which is where the
program will be installed. These options are case-sensitive, so
be sure to type them in upper case.
Incidentally, all /S
does is change the installer script's SilentInstall attribute from "normal" to
"silent". What effect this has, exactly, depends on the person who
wrote the script. If /S
does not perform a silent install, consider
submitting a bug report to the installer's creator.
Ghost installer
Ethalone's Ghost installer is just another commercial product, available in free and commercial editions. The free edition is nothing but the compiler, which takes XML files; the commercial edition is the compiler plus a graphical editor and wizard to create these XML files.
When a Ghost installer runs, it creates a little graphical window which says "Ghost installer wizard. Setup is preparing the Ghost Installer wizard..." together with a progress bar.
Ghost installers recognize -s
(case-sensitive) for silent
installation, but that works only if the person who created the installer defined
a standard installation type (if there are more than one).
If you have trouble to get it silent you might try to guess internal variables
and pass new values at the command line using -var:MyVar=value
. Unfortunately, using "strings" will not help you
guessing. See here.
Other command line parameters are -r
(repair),
-c
(add/remove), and -u
(uninstall).
Microsoft hotfixes and older packages
Most Microsoft hotfixes respond to the /?
switch, but they do not
always tell you everything.
According to KB article 816915 and KB article 824687, Microsoft is moving towards standardized packaging and naming for hotfixes. But they are not done yet.
Modern hotfixes support /passive
(formerly /u
) for
unattended installation, /norestart
(formerly /z
) to
suppress the automatic reboot, and /n
to skip backing up files
needed for uninstalling the hotfix.
Some hotfixes use an old Microsoft packaging technology called
"IExpress", whose switches are more-or-less documented in KB article 197147 and an old USENET post. These installers first extract some stuff
to a temporary folder and then run a command from inside that folder. They
support the /t:path
switch to specify the temporary
folder name and the /c:command
switch to specify the
command to run. Specifying just /c
suppresses running the command at
all, so you can use /c /t:path
to extract the hotfix
just to look at it.
These packages support the /q
switch for quiet operation, except
sometimes you have to use /q:a
instead. They also support the /r:n
switch to suppress the reboot. Sometimes these do not work and you
have to fiddle with the /c:command
switch; see the second
"NOTE" in KB article 317244 for an example.
Leave it to Microsoft to make systems administration an experimental science.
If all else fails...
If the application simply has no unattended installation procedure, you can create your own. I prefer to avoid these approaches if at all possible, since they are relatively unreliable and difficult to maintain.
Repackaging
There are several tools around which can take a snapshot of a machine's state before and after a manual installation, compute the differences between the states, and bundle them up as an "installer". The Wise product line provides good support for this, and Microsoft's free tool provides bad support for it.
The problem with this approach is that it fundamentally cannot work reliably. An installer's behavior may depend on the exact initial state of the machine, such as the OS version or the presence/absence of other installed software. So the repackaged installer will almost never do exactly the same thing that a fresh installation would, unless the target machine is completely identical to the original machine.
In addition, for every new release of an application, you will need to repackage it again. And there are other disadvantages which even Microsoft recognizes.
For these reasons, we think repackaging is a very bad idea and we strongly advise against it.
AutoIt
AutoIt is a free
tool which can simulate key presses and mouse clicks, following a script
customarily named with a .aut
or a .au3
extension.
Most installers have a sufficiently simple and consistent interface that a very
short AutoIt script suffices to automate their installation.
The AutoIt distribution includes very good documentation. The Unattended distribution includes both versions 2 (AutoIt.exe) and 3 (AutoIt3.exe). These versions differ in their script formats. Currently, all scripts that are shipped with Unattended are written for version 2, but we plan to switch to version 3 in the future and advise to create new scripts only in version 3.
AutoIt scripts do have drawbacks.
First, you must be careful when upgrading to new releases of an application, since the installer's UI may have changed.
More worryingly, AutoIt scripts are theoretically unreliable because they do not let you determine when a sub-process has exited. You can tell when AutoIt itself exits, but that is not the same thing at all. For example, an installer's last window might disappear while the installer was still working. Your master script, waiting only for the AutoIt executable, would then proceed, starting another installation or rebooting the machine.
AutoIt provides Run
and RunWait
primitives, but it does not provide a way
to wait for the termination of an application which was invoked by Run
. If it did, this race condition could be avoided.
In practice, it does not matter much, because most installers do finish their
work before destroying their last window. Just make sure your .aut
script uses WinWaitClose
to wait for that last window to
vanish.
You should make sure that your script contains a [ADLIB] section to catch surprising reboot requests.
Examples
To pique your inspiration you should have a closer look on some of our application installation scripts in the SVN repository:
And do not forget our Wiki, which is a very good source of additional install scripts.