Share via

Forefront Client Security Troubleshooting: Installers

  • Article

FCS uses the Microsoft Software Installer (MSI) for most of its components. MSI is built into the operating system, and the file name (used both by system service and installer executive) isMSIEXEC.EXE. When you run this program by itself in a command prompt, you’ll see the offering of parameters in a dialog box. It works primarily on files with an MSI extension, among others.

MSIEXEC has logging options that can be very useful when trying to troubleshoot installer issues. By appending  ‘/l*v install.log’ to the command line (or your log file name of choice), you will get fully verbose output. The switches are:

  • /l - specifies that a log file should be created.
  • * - specifies that all information should be logged (there are 12 other types of information that can be logged - * means log them all, except for v and x <extra debugging information>).
  • v - specifies that the output should be verbose.

For example, one of the MSI specific steps for upgrading from FCS Eval to FCS 1.0 (see http://technet.microsoft.com/library/bb625082.aspx) is (without the quotes):

Msiexec.exe /package filelocation\FCScs-kb-939366-x86-enu.msi /qn REBOOT=ReallySuppress

To get a log file with this command line, you can specify the following (again, without the quotes):

 

Msiexec.exe /package filelocation\FCScs-kb-939366-x86-enu.msi REBOOT=ReallySuppress /l*v FCS939366.log

 

(Additional note here: eliminating the quiet '/qn’ option allows you to see all user interfaces. It’s good to watch the installer show its progress when troubleshooting an issue.)

 

So how do you interpret that log. Memorize this phrase:‘Return value 3’ (be sure to substitute for the language-specific version of the phrase if you’re running on a non-English OS). Searching for this phrase in your log will generally pinpoint the cause of any major issue. Or, at least, it will put you near a section of the log where problems led up to this failure. This works most of the time. Otherwise, patients will prevail here. Since all installer logs, however verbose, contain a similar set of internal ‘stages’, with experience you will gather a better feel for where the problem is rooted. Other phrases might come in handy, such as ‘error’ or ‘fail’.  

 

Also, for FCS, during server installation, be sure to check for any other logs that get populated under ‘…\Program Files\Microsoft Forefront\..’, since these get embedded in deeper subdirectories depending on the subsystem being installed.