Install EXE on Windows

I want to install an EXE on Windows 2016 server. Other tasks (msi, regkey, add user) do work.

  - name: Install setup
    raw: 'D:/setup.exe -ignoreSysPrereqs -silent -responseFile D:/client.rsp'

When I execute D:/setup.exe -ignoreSysPrereqs -silent -responseFile D:/client.rsp when logged in on the WS2016 via PowerShell, the program gets installed.

The output of the task:

<192.168.0.14> ESTABLISH WINRM CONNECTION FOR USER: Administrator on PORT 5986 TO x.x.x.x
<192.168.0.14> EXEC D:/setup.exe -ignoreSysPrereqs -silent -responseFile D:/client.rsp
changed: [win01] => {
    "changed": true,
    "invocation": {
        "module_args": {
            "_raw_params": "D:/setup.exe -ignoreSysPrereqs -silent -responseFile D:/client.rsp"
        },
        "module_name": "raw"
    },
    "rc": 0,
    "stderr": "",
    "stdout": "",
    "stdout_lines":
}

I tried it also with the win_package module but have the same result. As the software doesn’t register itself in the registry “uninstall” I can’t find back the GUID so I have to make up something to make it idempotent.

Also tried it with BAT file and PS1 script.

The exe that I want to install is: https://kb.wisc.edu/helpdesk/page.php?id=19305.
When I execute the playbook I can see the following in the Windows event log:

Source: Microsoft-Windows-DistributedCOM
Event ID: 10016
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID to the user DOMAIN\Administrator SID from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool

Are there other options I can try to install an EXE via Ansible on Windows?

Sounds like the application you are trying to install contains a dcom component. You might need to find a copy of dcomperm.exe and use it to grant launch and activation to the user you are running as, or possibly to the user that the dcom component is configured to run as.

I can dig out some examples of using dcomperm.exe to do something similar if you need. Check the documentation for the exe to find out what dcom permissions it needs.

My guess would be that the app is expecting to run as an interactive user, which you won't be running as under winrm, so you'll probably need to grant explicit dcom permissions before attempting to install.

I can dig out some examples of using dcomperm.exe via raw module if you need.

Hope this helps,

Jon

Hi Hawkesworth,

It would be great if you could show me something related to this with the RAW module.

Kr,

Hello,

Here are some examples of using DCOMPERM.EXE to grant dcom permissions to a domain user.

You’ll need to find a copy of DCOMPERM.exe from somewhere. I believe it is included as source code in Windows SDKs but I think I just found a compiled version somewhere and downloaded it. In the examples {{ deploy_dir }} is a folder on the Windows machine where I put software components to be installed. It's pretty small so can probably be installed via win_copy module. Once you have DCOMPERM.exe on your Windows targets here are the examples.

  # Single quotes keep the backslash between domain and user literal;
  # in a double-quoted YAML string "\{" is an invalid escape.
  - name: run Dcomperm to allow domain user launch
    raw: '{{ deploy_dir }}DComPerm.exe -dl set {{ win_domain }}\{{ win_user }} permit level:l,r'

  - name: run Dcomperm to allow domain user activation
    raw: '{{ deploy_dir }}DComPerm.exe -da set {{ win_domain }}\{{ win_user }} permit level:l,r'

  - name: run Dcomperm to allow dcom component specified by CLSID to launch as domain user
    raw: '{{ deploy_dir }}DComPerm.exe -al 0AF3D1B3-2476-4635-6B27-13599AE7F248 set {{ win_domain }}\{{ win_user }} permit level:r'

If you can find a system where your exe is installed successfully you might be able to find the dcom permissions you need by using the DCOMCNFG.EXE program. Browse to Component services → My Computer, right click and choose Properties, and switch to COM Security tab, then check all the Defaults and Limits. Then browse to Component services → DCOM Config and find the dcom component you are interested in (if you don’t know the name of it you can try searching through the registry for the CLSID - the component name will likely be in the parent key or nearby). Once you have found the dcom component, right click and choose properties and click on the Security tab, and check all of the permissions are correct.

DCOM stuff is rather old now and I found it hard to get information on it that wasn’t intended for programmers.

Hope this helps,

Jon
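
A read-only way to do the registry lookup described above and to compare DCOM permissions before and after a DComPerm.exe change, as an added example that is not part of the original thread. It assumes Windows PowerShell 5.1 on the target and a CLSID taken from your own event 10016 entry; the function names are hypothetical.

```powershell
# Added example: inspect DCOM security for one component without changing it.
# Pass the CLSID from your own event 10016 entry, braces included.
param(
    [Parameter(Mandatory)]
    [string]$Clsid
)
$ErrorActionPreference = 'Stop'

# Decode a REG_BINARY security descriptor into SDDL text.
# In COM ACEs the low bits mean: CC=execute, DC=local launch, LC=remote launch,
# SW=local activation, RP=remote activation.
function ConvertTo-Sddl {
    param([byte[]]$Bytes)
    if (-not $Bytes) { return '(not set)' }
    $sd = [System.Security.AccessControl.RawSecurityDescriptor]::new($Bytes, 0)
    $sd.GetSddlForm([System.Security.AccessControl.AccessControlSections]::All)
}

# Resolve CLSID -> AppID -> component name, then read the per-component
# permissions and the machine-wide defaults and limits.
function Get-DcomSecurity {
    param([string]$Clsid)
    $clsKey = "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid"
    if (-not (Test-Path -LiteralPath $clsKey)) {
        throw "CLSID $Clsid is not registered on this host"
    }
    $appId = (Get-ItemProperty -LiteralPath $clsKey).AppID
    if (-not $appId) {
        throw "CLSID $Clsid has no AppID value, so only machine defaults apply"
    }
    $app = Get-ItemProperty -LiteralPath "Registry::HKEY_CLASSES_ROOT\AppID\$appId"
    $ole = Get-ItemProperty -LiteralPath 'HKLM:\SOFTWARE\Microsoft\Ole'
    [pscustomobject]@{
        Clsid                    = $Clsid
        AppId                    = $appId
        Name                     = $app.'(default)'
        RunAs                    = $app.RunAs
        LaunchPermission         = ConvertTo-Sddl $app.LaunchPermission
        AccessPermission         = ConvertTo-Sddl $app.AccessPermission
        DefaultLaunchPermission  = ConvertTo-Sddl $ole.DefaultLaunchPermission
        MachineLaunchRestriction = ConvertTo-Sddl $ole.MachineLaunchRestriction
        DefaultAccessPermission  = ConvertTo-Sddl $ole.DefaultAccessPermission
        MachineAccessRestriction = ConvertTo-Sddl $ole.MachineAccessRestriction
    }
}

Get-DcomSecurity -Clsid $Clsid | Format-List
```

Saving the output before and after the DComPerm.exe tasks shows exactly which ACEs were added, so the grant can be scoped to the one AppID rather than the machine-wide defaults.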