Ignoring disallowed property IISMAJORVERSION and 'EnableUserControl'?

Question

My installer package works on my machine but failed on my colleague's machine. Looking at the log, I can see a few properties values are not persisted during ExecuteAction phrase: there are few Ignoring disallowed property lines in his installer log file and those properties are set with the right value during UISequence. The strange thing is that we are both Admin user on local machines he is and Domain Admin as well while I am not, and we are both on Windows 7 64bit. So I don't think it is because he don't have Administrator rights.

The exact entries in the log file:

MSI (s) (3C:50) [09:14:16:583]: Ignoring disallowed property IISMAJORVERSION
MSI (s) (3C:50) [09:14:16:583]: Ignoring disallowed property IISMINORVERSION
MSI (s) (3C:50) [09:14:16:583]: Ignoring disallowed property WCF_SRV_INSTALL_FOLDER
MSI (s) (3C:50) [09:14:16:583]: Ignoring disallowed property TARGETDIR

A easy fix would be mark all those properties as Secure, but properties such as IISMAJORVERSION are not defined in my code. I discovered that I can set EnableUserControl to 1 to make Ignoring disallowed property go away. Another solution would be create my own security properties and copy whatever ignored property value I need into my own properties and read them instead of the ignored property.

After that I discovered there is an entry Machine policy value 'EnableUserControl' is 0 in his installer log, but not in my log, which seems point to set EnableUserControl to 1 is probably what I need. In that case, the question is why there are different values from those two machines?

So my number one question would be: is set EnableUserControl a good fix for my solution, or there are probably better/safer solutions given I only seems found the symptoms but not the cause?

Or if EnableUserControl seems like a reasonable fix given the information, any suggestion could help me track down the cause of the problem (a registry key value change by the Administrator, probably?).

I don't think there is anything special about my installer, but in case of anyone want to see more details:

<Package Id="*"  InstallerVersion="200" Description="Web service installer" Compressed="yes" InstallScope="perMachine" />

Edit:

As pointed out by PhilDW, those properties probably should be marked as Secure to begin with. But then shouldn't all properties be marked as Secure because of UAC, I don't think is make much sense to define a property to be not Secure if it might be used by others?

Answer 1

I'm pretty sure it doesn't matter if you defined them or not - try marking them Secure.