Check our other helpful areas that might answer your question

I have a property marked as hidden which stores a password needed by a deferred custom action, however I cannot get that data TO the custom action without exposing it in plain text to the logging!

The log lines in question are:

MSI (s) (10:7C) [15:01:05:803]: PROPERTY CHANGE: Adding MyCustomAction property. Its value is 'Key1=Value1 Key2="Value2" Key3="MyHiddenPropertyValue"'.

and

MSI (s) (10:7C) [15:01:19:663]: Executing op: CustomActionSchedule(Action=MyCustomAction,ActionType=3073,Source=BinaryData,Target=MyCustomAction,CustomActionData=Key1=Value1 Key2="Value2" Key3="MyHiddenPropertyValue")

What exactly is the point of the Hidden flag if the logging exposes the data anyway?

Hi,

When the "Hide property" flag is set for a property defined in "Install Parameters" page, it is indeed set not to be displayed in the log file. However, if the content of that property is assigned to another property, its content will be visible in the log.

If you want to hide a property that is not available in the "Install Parameters" page, you can create a "Set installer property" custom action and add it to the "MsiHiddenProperties" property.

Best regards,
Eusebiu

Let's assume that adding CustomActionData to MsiHiddenProperties works. That still doesn't stop it from being logged by CustomActionSchedule.

Hi,

You may need to add the name of the custom action to the "MsiHiddenProperties" property, too. If it still doesn't work, can you please send me the .AIP (project file), a verbose log of the installation and the name of the problematic properties to support at advancedinstaller dot com, so I can investigate them?

Best regards,
Eusebiu

Hi,
Followed the above steps still the issue not solved. Let me know whether the issue fixed? If so can you brief?

Hello Golden,

We have investigated your sent project over email and the behaviour is encountered because the password is referred in another property, CustomActionData. CustomActionData property also needs to be hidden. For doing so, you have to create a new "Set Installer Property" custom action with sequence. Place this action before "Searches" action group. In the "Property" field of the custom action enter and in the value field enter All the best,
Daniel

Thanks for your input. It works if we use inbuilt custom action like CheckIfUserExists but when we pass the properties like USER_PASSWORD as parameter to the dll custom action in Action Data, they appear in the log. Can you please let us know how to overcome it.

Hello Golden,

In this case, to hide the password written in the log file by your DLL custom action you will have to set the msidbCustomActionTypeHideTarget flag for your custom action.

You need to use the following steps:

1. Go to "Table Editor" page and select "Custom Action" table.
2. Select your dll custom action row and edit its "Type" field in the following way: add 8192 to its current value. For example if its current value is 38 you need to set it to 8230

All the best,
Daniel

How do i add the "Set installer property" Custom Action to the "MsiHiddenProperties" property? I've tried for hours, but I've still not figured it out.

Note: MsiHiddenPrioperties does not exist in my Set installer property > Property.

Hi,

Indeed, the "MsiHiddenProperties" property is not displayed in the property picker, but you can just write it manually as in the image below.

I hope this helps.

Best regards,
Eusebiu

I have now also noticed that some of the hidden properties are logged in a clear text. Indeed, they are passed as action data to a custom action (a VB script). In the log file they are present like this:

PROPERTY CHANGE: Adding XXX_Propertyproperty. Its value is YYY_clear_text.

I've followed the suggestions in this thread the best I could understand them, but that didn't work. In fact, it's probably worse now. The reason is that the existing hidden properties are now overwritten to the 'CustomActionData' value:

PROPERTY CHANGE: Modifying MsiHiddenProperties property. Its current value is 'ADDRESS;ACCOUNTNAME .... Its new value: 'CustomActionData'.

So, not clear what I should do to ensure a hidden property is not logged. Using AI 20.7.1

Thanks!

Hello Sasha,

If possible, could you please forward me, by email at support at advancedinstaller dot com a small sample project that reproduces this behavior (and, for instance, if you are using a DLL file for your custom action, please send that too under the same ZIP archive)?

I would like to run some tests and further investigate this, but it would really help to work on your exact scenario so I'm not wasting time on different scenarios.

Looking forward to hearing from you!

Best regards,
Catalin

Thanks for the reply, Catalin. I will try to come up with something

Sample project emailed.

The receiving email server refused to accept the email with the .zip file attached:

Error: 550 5.0.350 One or more of the attachments in your email is of a file type that is NOT allowed by the recipient's organization.
Message rejected by: CY8PR11MB7135.namprd11.prod.outlook.com