How-to Microsoft Windows Installer, Application Compatibility and Deployments

Troubleshoot the error 1603 “Fatal Error During Installation”

This error message is displayed by the Microsoft Windows Installer Engine (Wondering whats this? Read here) and is a general error code that indicates a problem occurred during the installation. Read on this article to learn how to sidestep this speed bump. The following is the probable list of known causes for this error to occur:

  • Short file name creation is disabled on the target machine.
  • An Install Script custom action is prototyped incorrectly.
  • A file is locked and cannot be overwritten.
  • The Microsoft Windows Installer Service is not installed correctly.
  • The Windows Temp folders are full.
  • The setup was corrupted after installation and, therefore, fails with this error during un-installation.
  • An older version of Install Shield Developer is being used.
  • Print and File sharing is not installed if your application needs it.

Troubleshooting 1603 MSI Error

As discussed, The 1603 error code is mostly returned when any action fails during an installation on Windows, and most commonly it indicates that one of the custom actions in the MSI failed. When we encounter a failed setup with return code 1603, here are the steps that we should follow:

Re-run the setup with verbose logging enabled using steps similar to those that are listed here.

Step 1: Generate a verbose log file named msi*.log in the %temp% directory the next time the setup package is executed. (Click here to know more ways to generate log). Know more about the command-line switches here.

msiexec /i <msipath>setup.msi /l*v c:\temp\msi.log

Step 2: Open the verbose log in a text editor such as notepad and search for the string “return value 3”. In nearly all cases, this will take us to the section in the verbose log that lists the action that failed that initially caused setup to rollback.

Step 3: Review the contents of the log file immediately above the “return value 3” string to determine which custom action or standard action failed. Depending on which action is failing, We will need to proceed to more detailed debugging from here.

One can find that the biggest hurdle to debugging a failed setup is often zeroing in on which part of the setup is actually failing, and this trick of searching for “return value 3” ends up helping speed this process up in nearly all cases. Of course, it does not work in 100% of scenarios.

You can find some ways of troubleshooting the logs here –

“Access your favorite Windows Applications from your Android/iOS device with a virtual desktop by of the best Desktop as a Service providers. Get a free trial of Office 365 and excellent support by

Known Solutions

The following solutions have resolved this error in the majority of cases:

  1. Make sure short file name creation is enabled on the target machine. You can check to ensure that the target machine does not have short file name creation disabled by navigating to the following registry entry:

    Make sure the value “NtfsDisable8dot3NameCreation” is equal to 0. This indicates that short file name creation is enabled. A value of 1 indicates that this functionality is disabled. You should change the value to 0. After modifying this value, the target machine should be rebooted before attempting to launch the setup again.

    Note: If the target machine should normally have short file name creation disabled, it can be disabled after the install completes by resetting “NtfsDisable8dot3NameCreation” to 1 and rebooting.
  2. To ensure that the Windows Installer Service is properly installed and configured, it is recommended that users install the file InstmsiA.exe on Windows 95/98/Me or InstmsiW.exe on Win NT systems. These files are shipped with your InstallShield product and are located in the following location: <Product Path>\Redist\Language Independent\i386. If the service is installed, to know the status of the service exection, you could also goto services.msc in the command prompt, check the status of the Windows Installer Service. “Stopping and restarting it can help”
  3. Empty all temporary folders. The specific temporary folders for a machine can be determined by accessing the DOS prompt and typing set. Note the values listed for TEMP and TMP, and delete all files in those locations.
  4. Make sure no other applications, including utilities such as virus scanners, are running in the background. Close all running applications and utilities, and launch the installation again.
  5. If this error occurs during un-installation, use the Microsoft Windows Installer CleanUp utility to uninstall the installation. Once the installation has been successfully un-installed, you can then debug the project to determine what caused the original error.

If it doesn’t fall in this last, it could be any other error which occurred during the installation, do update in the comments..lets fix that..!

LinkedIn and other Discussions

I had also posted this on LinkedIn Discussions and have got some quality responses for the same – I will extract some information from there and post it here so that, you can get all the information at one single place.

A Senior Desktop Analyst, Jack Fei writes,

Vijay has makes some excellent points about how to troubleshoot these types of issues. From my experience, the fix is usually trivial once you understand “how to correlate verbose logging results” with msi internals.

First, know that “installation” means msiexec.exe sequentially processing rows of the InstallExecuteSequence table inside the msi database.

Second, know that msiexec.exe processes the commands sequenced between InstallInitialize and InstallFinalizes in two passes. A way to think about it is the first pass “conditionally installs the change” to the machine while checking the syntax of the command and the second pass “commits the change to the machine”. A 1603 essentially means “an error occurred” trying to commit the change, causing msiexec.exe to “backout the change”.

This type of error is either caused by msi misengineering (most vendor msi are misengineered) or by an “machine specfic issue”. So Patrick Pepin makes an excellent suggetion to check the msi vendor.

Having VMWare or imaging tool really helps troubleshoot this type of issue.

1. I would determine the issue can be reproduced on a clean machine with all pre-requisites installed (just to eliminate the possibility false negative caused by testing on an unknown or corrupt pc environment).

2. If it is a capture msi (original source is non-msi) I would systematically exclude files and registry keys until I isolated the component causing the issue in my msi. I built it, so I know best how to fix it.

3. if the msi was engineered by another vendor, I would review the verbose log and isolate the failing instruction in the InstallExecuteSequenceTable. My major technique was to find the failure that generated the “1603” error and find the likely instruction that caused it. To test my theory, I would comment out only that instruction (put a negative sign in the sequence column) and rerun the command. Sometimes, I would get lucky and even “work around” the msi defect by leaving the custom action commented out. This type of change works great when the custom action is doing “unnecessary checks” for desktops in your environments. Obviously, I would “test the modified msi” and make sure the application installed and starts cleanly.

4. If I can reproduce the problem on a clean desktop, I will have good ammunition to contact the vendor. However, my experience is if you know how to do what I have outlined, you will exhaust the technical support departments of whatever vendor you call. This is done for “political reasons” more than anything else – so you can be the hero when the vendor despite considerable persistance from you, can not find a solution.

Good luck. Hope this helps.

Guest Posts How-to Windows Installer, Application Compatibility and Deployments

Command Line Switches for MSI and MSP Installations

thumbHi Folks, Its time for yet another Guest Post; and we have Bhuvana writing for us. In this article she focuses on the command line arguments and the silent switches that can be used for msi and msp (un-installable patches). Bhuvana specializes in InstallShield & MSI Installers and her primary responsibility at work is “Build & Release” which includes creating Setups and Source Control Management.

She keeps all the details crisp in this table. I know that, this below chart will be as a printed one.. in your desks !!

Install / Uninstall Command Line Option Silent Mode
MSI – Installation  msiexec /i “<msi file name with path>” [TRANSFORMS=”<mst file name with path>”]  msiexec /i “<msi file name with path>” [TRANSFORMS=”<mst file name with path>”] /qn
MSI – UnInstallation  msiexec /x <ProductGUID> msiexec /x <ProductGUID> /qn
MSP – Installation Command line with Progress dialog:
msiexec /p “<msp file name with path>” /qb
msiexec /p “<msp file name with path>” /qn
Command line with UI:
msiexec /p “<msp file name with path>” REINSTALLMODE=oums REINSTALL=ALL
MSP – Uninstallation Command line with Progress dialog:
Msiexec /package <ProductGUID> MSIPATCHREMOVE=<PatchGUID> /qb
msiexec  /I <ProductGUID> MSIPATCHREMOVE=<PatchGUID> /qn

  1. Patch uninstallation does not work without /qb option. i.e. Patch can be uninstalled from command line only in silent mode. If you want to invoke the UI for uninstallation, go to Add / Remove Programs with Show Updates enabled.
  2. Msiexec /uninstall <PatchGUID> /package <ProductGUID> /passive
    The above command removes the entire base product but not the Patch alone.

Bhuvana’s Thought on
I came across MSIgeek blog through linkedin groups. Good to see lots of articles and FAQs on MSI at one stop. Some of the articles definitely helps to give a better insight into the concepts. So felt like contributing some article, which would help people like us, the Packaging specialists.

If you want to get in touch, her LinkedIn Profile is – Here. (PS: Do mention in the LinkedIn request that, you read her article on msigeek. We do not want to give her un-necessary Spams 🙂 )

FAQ Microsoft Windows Installer, Application Compatibility and Deployments

Windows Installer FAQ – Part 3

As you guys are aware, I am writing a series of posts which covers some key discussions, topics and FAQs in the stream of application packaging. In this third post, we will look at some questions on key OS components and Installation sequences.

Q11. What is the difference between a Task, Process and a Service  
A process is an instance of a computer program, consisting of one or more threads, that is being sequentially executed by a computer system that has the ability to run several computer programs concurrently. A task is “an execution path through address space”. In other words, a set of program instructions that are loaded in memory.
Windows service is a long-running executable that performs specific functions and which is designed not to require user intervention. (Thanks to Wiki for the answers)

Q12. How do you determine the installer Version in a machine

Option 1: In a command window, type msiexec, the window displayed will tell you the version number.

Windows Installer Version - Detection Method 1



Option 2: Check the file attributes of Msi.dll in the folder C:\Windows\System32

Windows Installer Version - Detection Method 2


Q13. Explain Advertising Phenomenon / On Demand Installation  
The availability of an application to a user without actually installing the application is called Advertisement, In this technique, only the interfaces required for loading and launching the applications are presented to the User. Windows Installer does not install the necessary components until a user or application attempts to activate the advertised program. This is usually done by launching the advertised shortcut. This concept is called install-on-demand.

There are 2 types of Advertisment, “Publish” and “Assign”.
Publish – In this type, the application’s advertising entry point will be visible for the user (usually a shortcut) – Generally used.
Assign – In this type, the application will be available only in Add remove program. The application is installed from here. (this option is used for only advanced users (or) when the application size is huge and they do not want a normal user to install it accidently by launching the shortcut, when he doenst need it)

An application can be tested for advertisement by using the /j switch. (/ju and /jm for user and machine respectively)
For eg: msiexec /jm ABC10.msi /qb

Q14. What are the various Installation sequences? / What are the differences between execute immediate and deferred? / When do you choose a CA to be written in Deferred?  
The various installation sequences are listed below.,
User Interface: The User Interface sequence, which is executed at the beginning of installation, gathers system information, displays dialogs to the end user, and records end user choices. It is suppressed during silent installations.
Execute Immediate: In this mode the installer creates an internal script and run then to make some system changes.
Execute Deferred: It encompasses all the actions between InstallInitialize and InstallFinalize.


Difference Between Execute Immediate and Deferred

Q15. What is the difference between the AdminUser and Privileged properties?
The AdminUser property is set when the user performing the installation is an administrator; the Privileged property is set when the user is allowed to install with elevated privileges. A user can install with elevated privileges if the user is an administrator, both the per-user and per-machine AlwaysInstallElevated policies are set or the application has been assigned by the system administrator.

If the user is an administrator, then both the AdminUser and Privileged properties are set. If the user is not an administrator, then AdminUser is never set. In that case, privileged is only set if the user has been given permission by the administrator through assignment or policy to install the application as elevated. In many cases, it is recommended that launch conditions or similar conditions use Privileged instead of AdminUser to allow for installation of applications assigned by administrators.

I would recommend, You read the other parts too – Part 1 , Part 2 , Part 3 , Part 4, Part 5 (Coming Soon)

How-to Windows Installer, Application Compatibility and Deployments

Access MSI Database in Deffered Context through Custom Actions

Deferred custom actions have limited access to the installation session. If your deferred custom action requires information about the installation that it cannot obtain through its limited access, then you can provide that information to the deferred custom action through the CustomActionData property. This method is only available to script and DLL deferred custom actions.

“How-to” make this work??

1.An immediate custom action that executes before the deferred custom action sets a property with the same name as the deferred custom action to the value that is needed by the deferred custom action. So, if the primary key for a deferred custom action is called “DeferredCA,” then the immediate custom action would set a property called “DeferredCA” to the value that was needed. A type 51 custom action would be an easy way to set this property. Another method would be an immediate custom action that calls MsiSetProperty with the szName parameter equal to “DeferredCA.” Note: The action name is case-sensitive.

2. When the deferred custom action is queued into the installation script, the installer will write the value of the property “DeferredCA” into the installation script as the value of the property CustomActionData.

3.Upon execution, the deferred custom action retrieves the value by making a MsiGetProperty call with the szName parameter equal to “CustomActionData.” Alternatively, a script custom action would use the Property property of the Session object

How-to Windows Installer, Application Compatibility and Deployments

Installing Specific Features in a MSI Package

The ADDLOCAL, ADDSOURCE, and ADVERTISE properties can be used to install only a certain number of known features.

The following command-line script would be used to install the “Word” and “Excel” features of the example.msi package locally on the machine. Feature names are case-sensitive.

msiexec /i example.msi ADDLOCAL=Word,Excel /qb

The following command-line script would advertise the “Excel” feature and install the “Word”feature to run from source.

msiexec /i example.msi ADVERTISE=Excel ADDSOURCE=Word /qb

Windows Installer, Application Compatibility and Deployments

Key Information on Sourcelist of a MSI

The following registry key gives information about the sourcelist for a msi. (Source Resilency)

We can also check for the transforms which were installed along with msi in

Windows Installer, Application Compatibility and Deployments

How to Fix Custom Action Issues in MSI Installation?

When an installation fails, it may be because of the Custom Action(s) it contains. Here’s how to examine the MSI logs to troubleshoot the problem. Generate the MSI log and search for RETURN VALUE 3. This will help you identify and solve the problem in some cases.

Further, the possible Return Values for CAs are:

Value Description
0 Action not invoked; most likely does not exist.
1 Completed actions successfully.
2 User terminated prematurely.
3 Unrecoverable error occurred.
4 Sequence suspended, to be resumed later.

Also note that there is an MSI verbose log parsing tool (wilogutl.exe) in the Windows Installer PSDK that is also very useful in locating errors inside verbose log files. This tool is more thorough in identifying errors — just browse to the log file, wait for it to parse the whole log and then read the output it produces.

Best Practices Windows Installer, Application Compatibility and Deployments

MSI Package Validation using ORCA

ORCA provides a graphical interface to the package validation functionality available as part of the MSI SDK and in several third-party tools. Validation can flag many common problems in MSI packages by analyzing package data for invalid cells or combinations of cells that are not consistent.

Validation is performed by one or more Internal Consistency Evaluators, that are organized into CUB files. Several standard validators and CUB files are provided as part of the Platform SDK. ORCA can also use custom validators and CUB files.

Choosing a CUB File

You can select a CUB file for use during the validation run in three ways:

Select a CUB file from the drop-down list.
The list contains all CUB files registered on the system for use in validation.
Type a full path to the CUB file in the edit control.
Click the “Browse” button and locate a CUB file.
The default value for validation can be changed by choosing Options… from the Tools menu and changing the Default ICE File value on the Validation tab.

Selecting ICEs to Run

You can limit the set of ICE validators that run from a particular CUB file by changing the value in the ICEs to Run field of the validation dialog.

The set of validators to run can be specified in two ways:

Specifying no value selects the default set of ICEs from the CUB file.
A set of individual ICEs can be selected by specifying the ICE names, separated by a colon character (‘:’). The set of ICEs available depends on the CUB file selected.
The default value for this field can be changed by choosing Options… from the Tools menu and changing the ICEs to Run value on the Validation tab.
Running Validation

To run validation, click the Go button. ORCA executes the specified validators in the selected CUB file, validating the current database, including any changes to the database that have not been saved.

Filtering Information Messages

To not place information messages from the validators in the list of results, uncheck the Show “INFO” Messages option. This option can be toggled while validation is running, in which case, it affects messages generated from that time on but not messages that have already been generated.

Warning and information messages can be filtered by default by selecting the appropriate options in the Tools\Options configuration dialog box on the Validation tab.

Placing Results on the Clipboard

To copy the results of a validation run to the clipboard for pasting in another application, click the Copy Results button.

Using the Validation Pane

When the validation dialog box is closed, all warnings and errors in the validation window are copied to the validation pane at the bottom of the ORCA window. To show or hide the validation pane, choose Validation Pane from the View menu. Hiding the validation pane does not erase the contents.

To jump to the location of an error, select the error by clicking on it or using the arrow keys in the window to move to the desired error. The table list and table view immediately jump to the exact location of the error that was reported by the validator.

If a table or row that contains an error is deleted, any validation errors associated with that row are deleted from the validation pane.

The data in the validation pane is replaced each time the database is validated.

Examining Table and Cell Errors

To examine the errors associated with a specific cell, right-click on the cell and choose Errors…. The error information associated with the cell appears in a small dialog. If more than one error is associated with the cell, you can click the Previous and Next buttons to switch between the different errors.

To examine the errors associated with a table but not a specific cell, right-click on the table name in the table list and choose Errors…. The error information associated with the table appears in a small dialog. If more than one error is associated with the table you can click the Previous and Next buttons to switch between the different errors.

The information presented in the Errors dialog box is the same information available in the validation pane.

If a table does not exist in the database but contains a validation warning or error (such warnings and errors usually indicate that the table or a value within the table is required but not present), a Shadow Table appears in the table list. This table is used to provide access to the validation errors or warnings associated with the table, but does not indicate the presence of the table in the database. When a shadow table is selected, the table view pane that normally displays the contents of the table does not contain any table information and indicates that the table does not exist in the database.

If there are no errors associated with the cell or table, the Errors… option is disabled.

Cancelling Validation

To cancel the validation, press the Cancel button. No additional validators run and a cancel request is sent to the currently running validator. Some ICE validators acknowledge the cancel request and stop immediately. Other validators run to completion before accepting the cancel request.