Skip to main content.


The goal of this document is to collect instructions for performing unattended / silent installations of many popular application installers. Such instructions are useful for automating these installations.

A quick word on terminology: Strictly speaking, an unattended installation is one which does not require user interaction, and a silent (or quiet) installation is one which does not display any indication of its progress. However, most people use these terms interchangeably.

Here, we are interested not only in performing unattended installations, but also in waiting for those installations to finish and suppressing any reboot they might want to perform. This is necessary for reliably installing multiple applications.

General information

There are several systems which vendors use to create installers for their applications. To make an educated guess about how to run an installer unattended, you need to know which system was used to create it. Sometimes this will be obvious from the installer's splash screen; sometimes you can figure it out by running strings; and sometimes you will have to guess.

Of course, you can try running the installer with the /? switch to find out which other switches it supports. But if you really expect this to work, then you have not been using Windows for very long. In my experience, the odds are about 1 in 4 that /? will tell you anything at all, even when there is something to tell.

MSI packages

Microsoft's own Windows Installer Service is the nominal standard, and if everybody used it, there would be no need for this document. Unfortunately, Microsoft invented it too late.

The package files have a .msi extension, and you manipulate them using the msiexec utility.

For installation, use the /i and /qb switches. Use the /l* switch to produce a log file. You can provide named options (or "properties") at the end of the command line; which properties are supported depends on the package. For example, this command:

    msiexec /qb /l* perl-log.txt /i ActivePerl.msi PERL_PATH=Yes PERL_EXT=Yes how you install ActiveState Perl, instructing the MSI package to add Perl.exe to your PATH and to associate .pl files with it.

Perhaps the most important common property is the REBOOT property, which you can use to suppress any automatic reboot the MSI package might try to perform. So in general, you want to provide the /i, /qb, and REBOOT=ReallySuppress parameters to msiexec.

msiexec can do many other things, like uninstall software or apply patches. Neat, huh? Too bad nobody uses it.


InstallShield is one of the oldest and most widely used application packaging systems.

Installers created by InstallShield recognize the /r, /s, /sms, /f1, and /f2 switches. The installer itself is invariably named setup.exe.

To perform a silent installation, you need an InstallShield "answer file", customarily named setup.iss. Some applications ship with such a file, but if yours does not, you can use the graphical installer itself to create one.

Here is how it works. Run the installer with the /r ("record") switch. Proceed through the dialogs and complete the installation. This will create a setup.iss file and place it in the C:\WINDOWS directory (yes, really). This file will include all of your responses to the InstallShield dialogs, allowing you to perform unattended installations as if you were giving the same answers again. Simply copy setup.iss to the same directory as the installer executable.

Once you have a setup.iss file, run the installer with the /s ("silent") option. This will perform an unattended installation.

Unfortunately, the installer will fork a separate process and exit, meaning it will return immediately even if you run it under start /wait. This makes it useless for scripting purposes. Luckily, there is another switch, /sms, which will cause the installer to pause until the installation completes.

Hence, for an InstallShield application, you want to provide both the /s and the /sms switches.

The /f1filename switch allows you to specify a fully-qualified alternate name for the setup.iss file. Note that there must be no space between the /f1 switch and the file name. This switch works both with /r to create the file and with /s to read it.

The /f2filename switch specifies a log file. Once again, there must be no space between the switch and the file name.

WARNING: Be careful what characters you use in these file names, because InstallShield silently strips certain non-alphanumerics (like hyphens).

Oh, one more thing. The /r and /s switches only work if the release engineer is competent. Many packages have "custom dialogs" which are not supported by setup.iss, which means the dialogs will always appear no matter what you do. For such packages, I suggest asking the vendor to fix their installer. If that does not work, I suggest doing what you can to deprive them of business.


InstallShield has a relatively new add-on product called PackagefortheWeb, or PFTW for short. This is basically an InstallShield tree bundled up as a single-file executable.

When you run this executable, it extracts a bunch of files to a temporary directory and launches the setup.exe within.

The PFTW package recognizes the /s and /a ... switches. The /s switch instructs the PFTW package to run silently, although this does not necessarily mean that the underlying setup.exewill run silently.

The /a ... ("add") switch allows you to add switches to the command line of the underlying setup.exe process. You may provide any of the normal InstallShield switches here, including /r, /s, and /sms.

Thus, to automate the installation of a PFTW package named foo.exe, you would first perform one installation by hand to create the answer file:

    foo.exe /a /r /f1c:\temp\foo.iss

Then, to install the package completely silently, you would run:

    start /wait foo.exe /s /a /s /sms /f1c:\temp\foo.iss

The first /s is only needed for a completely silent installation. If you leave it off, the PFTW package will show you a status bar as it extracts the InstallShield tree to the temporary directory.

InstallShield with MSI

Recent versions (7 and above) of InstallShield's tools are able to produce MSI files. Read InstallShield's documentation for full details.

These MSI files may be shipped alone or with a setup.exe installer. These installers in turn come in two flavors, called "InstallScript MSI" and "Basic MSI". InstallScript MSI uses the traditional InstallShield switches. Basic MSI is another story.

To perform an unattended installation using a Basic MSI installer, you provide the /s /v"..." switches, where ... represents any additional switches you want to pass down to msiexec. These should include the /qb (or /qn) switch to make the installation non-interactive, so a minimal invocation would be:

    setup.exe /s /v"/qb"

Just to make things interesting, any of these mechanisms might be combined with PFTW. For example, we eventually figured out that the IBM Update Connector requires these flags for unattended installation:

    updcon532.exe /s /a /s /v"/qb"

The first /s tells the PFTW installer to extract silently. The /a tells it to provide the remaining switches to the underlying setup.exe. The second /s tells setup.exe to run silently, while the /v"/qb" tells it to pass /qb to msiexec, which causes msiexec to run non-interactively but display a basic interface.

Finally, InstallShield has a KnowledgeBase article which is less helpful than you might expect. Are we having fun yet?

Wise InstallMaster

InstallMaster from Wise Solutions is a competitor to InstallShield. You can usually identify the installers it produces by running "strings" on the executable and grepping for "Wise".

InstallMaster installers are supposed to recognize the /s switch to perform a silent installation. And in our experience, they generally do. But there is no way to set options, and the exit status is meaningless.

Note: This product has been rebranded the "Wise Installation System". Don't let them confuse you.

Inno Setup

Inno Setup is an open source competitor in this space. You can usually identify the installers it creates by running "strings" on the executable and grepping for "Inno".

The switches for Inno Setup are fully documented in the ISetup.hlp file in the Inno distribution. Here, is an html version. Thanks to Lawrence Mayer for it.

In our experience, the /silent switch is usually sufficient for a basic unattended installation. But to be completely sure, we recommend /sp- /silent /norestart.

Note that the /verysilent switch may reboot the machine without prompting, which is pretty much the worst of all possible worlds. So if you use /verysilent, be sure to use /norestart as well.

Nullsoft Scriptable Install System

The Nullsoft Scriptable Install System (NSIS) is another open source installation system. It was created by the WinAmp authors to distribute that application, but it is now a general-purpose system which anyone might use.

When an NSIS installer runs, it creates a little window which says verifying installer: N%, where N counts from 0 to 100. So you can recognize these installers by this behavior. (Actually the verification procedure is optional, but most installers have it enabled. As an alternative, you can run "strings" and grep for "NSIS").

NSIS installers recognize /S for silent installation, /NCRC to suppress the CRC (verification) step, and /D=dir to specify the "output directory", which is where the program will be installed. These options are case-sensitive, so be sure to type them in upper case.

Incidentally, all /S does is change the installer script's SilentInstall attribute from "normal" to "silent". What effect this has, exactly, depends on the person who wrote the script. If /S does not perform a silent install, consider submitting a bug report to the installer's creator.

Ghost installer

Ethalone's Ghost installer is just another commercial product, available in free and commercial editions. The free edition is nothing but the compiler, which takes XML files; the commercial edition is the compiler plus a graphical editor and wizard to create these XML files.

When a Ghost installer runs, it creates a little graphical window which says "Ghost installer wizard. Setup is preparing the Ghost Installer wizard..." together with a progress bar.

Ghost installers recognize -s (case-sensitive) for silent installation, but that works only if the person who created the installer defined a standard installation type (if there are more than one).

If you have trouble to get it silent you might try to guess internal variables and pass new values at the command line using -var:MyVar=value. Unfortunately, using "strings" will not help you guessing. See here.

Other command line parameters are -r (repair), -c (add/remove), and -u (uninstall).

Microsoft hotfixes and older packages

Most Microsoft hotfixes respond to the /? switch, but they do not always tell you everything.

According to KB article 816915 and KB article 824687, Microsoft is moving towards standardized packaging and naming for hotfixes. But they are not done yet.

Modern hotfixes support /passive (formerly /u) for unattended installation, /norestart (formerly /z) to suppress the automatic reboot, and /n to skip backing up files needed for uninstalling the hotfix.

Some hotfixes use an old Microsoft packaging technology called "IExpress", whose switches are more-or-less documented in KB article 197147 and an old USENET post. These installers first extract some stuff to a temporary folder and then run a command from inside that folder. They support the /t:path switch to specify the temporary folder name and the /c:command switch to specify the command to run. Specifying just /c suppresses running the command at all, so you can use /c /t:path to extract the hotfix just to look at it.

These packages support the /q switch for quiet operation, except sometimes you have to use /q:a instead. They also support the /r:n switch to suppress the reboot. Sometimes these do not work and you have to fiddle with the /c:command switch; see the second "NOTE" in KB article 317244 for an example.

Leave it to Microsoft to make systems administration an experimental science.

If all else fails...

If the application simply has no unattended installation procedure, you can create your own. I prefer to avoid these approaches if at all possible, since they are relatively unreliable and difficult to maintain.


There are several tools around which can take a snapshot of a machine's state before and after a manual installation, compute the differences between the states, and bundle them up as an "installer". The Wise product line provides good support for this, and Microsoft's free tool provides bad support for it.

The problem with this approach is that it fundamentally cannot work reliably. An installer's behavior may depend on the exact initial state of the machine, such as the OS version or the presence/absence of other installed software. So the repackaged installer will almost never do exactly the same thing that a fresh installation would, unless the target machine is completely identical to the original machine.

In addition, for every new release of an application, you will need to repackage it again. And there are other disadvantages which even Microsoft recognizes.

For these reasons, we think repackaging is a very bad idea and we strongly advise against it.


AutoIt is a free tool which can simulate key presses and mouse clicks, following a script customarily named with a .aut or a .au3 extension. Most installers have a sufficiently simple and consistent interface that a very short AutoIt script suffices to automate their installation.

The AutoIt distribution includes very good documentation. The Unattended distribution includes both versions 2 (AutoIt.exe) and 3 (AutoIt3.exe). These versions differ in their script formats. Currently, all scripts that are shipped with Unattended are written for version 2, but we plan to switch to version 3 in the future and advise to create new scripts only in version 3.

AutoIt scripts do have drawbacks.

First, you must be careful when upgrading to new releases of an application, since the installer's UI may have changed.

More worryingly, AutoIt scripts are theoretically unreliable because they do not let you determine when a sub-process has exited. You can tell when AutoIt itself exits, but that is not the same thing at all. For example, an installer's last window might disappear while the installer was still working. Your master script, waiting only for the AutoIt executable, would then proceed, starting another installation or rebooting the machine.

AutoIt provides Run and RunWait primitives, but it does not provide a way to wait for the termination of an application which was invoked by Run. If it did, this race condition could be avoided.

In practice, it does not matter much, because most installers do finish their work before destroying their last window. Just make sure your .aut script uses WinWaitClose to wait for that last window to vanish.

You should make sure that your script contains a [ADLIB] section to catch surprising reboot requests.


To pique your inspiration you should have a closer look on some of our application installation scripts in the SVN repository:

And do not forget our Wiki, which is a very good source of additional install scripts.