The goal of this document is to collect instructions for performing unattended / silent installations of many popular application installers. Such instructions are useful for automating these installations.
A quick word on terminology: Strictly speaking, an unattended installation is one which does not require user interaction, and a silent (or quiet) installation is one which does not display any indication of its progress. However, most people use these terms interchangeably.
Here, we are interested not only in performing unattended installations, but also in waiting for those installations to finish and suppressing any reboot they might want to perform. This is necessary for reliably installing multiple applications.
There are several systems which vendors use to create installers for their applications. To make an educated guess about how to run an installer unattended, you need to know which system was used to create it. Sometimes this will be obvious from the installer's splash screen; sometimes you can figure it out by running strings; and sometimes you will have to guess.
Of course, you can try running the installer with the
/? switch to
find out which other switches it supports. But if you really expect this to work,
then you have not been using Windows for very long. In my experience, the odds
are about 1 in 4 that
/? will tell you anything at all, even when
there is something to tell.
Microsoft's own Windows Installer Service is the nominal standard, and if everybody used it, there would be no need for this document. Unfortunately, Microsoft invented it too late.
The package files have a
.msi extension, and you manipulate them
For installation, use the
/qb switches. Use the
/l* switch to produce a log file. You can provide named options (or
"properties") at the end of the command line; which
properties are supported depends on the package. For example, this command:
msiexec /qb /l* perl-log.txt /i ActivePerl.msi PERL_PATH=Yes PERL_EXT=Yes
...is how you install ActiveState Perl, instructing the MSI package to add
Perl.exe to your
PATH and to associate
.pl files with
Perhaps the most important common property is the REBOOT property, which you can use to suppress any automatic
reboot the MSI package might try to perform. So in general, you want to provide
msiexec can do many other things, like uninstall software or apply
patches. Neat, huh? Too bad nobody uses it.
InstallShield is one of the oldest and most widely used application packaging systems.
Installers created by InstallShield recognize the
The installer itself is invariably named
To perform a silent installation, you need an InstallShield "answer
file", customarily named
setup.iss. Some applications ship with
such a file, but if yours does not, you can use the graphical installer itself to
Here is how it works. Run the installer with the
("record") switch. Proceed through the dialogs and complete the
installation. This will create a
setup.iss file and place it in the
C:\WINDOWS directory (yes, really). This file will include all of
your responses to the InstallShield dialogs, allowing you to perform unattended
installations as if you were giving the same answers again. Simply copy
setup.iss to the same directory as the installer executable.
Once you have a
setup.iss file, run the installer with the
/s ("silent") option. This will perform an unattended
Unfortunately, the installer will fork a separate process and exit, meaning it
will return immediately even if you run it under
This makes it useless for scripting purposes. Luckily, there is another switch,
/sms, which will cause the installer to pause until the installation
Hence, for an InstallShield application, you want to provide both the
/s and the
/f1filename switch allows you to specify a
fully-qualified alternate name for the
setup.iss file. Note that
there must be no space between the
/f1 switch and
the file name. This switch works both with
/r to create the file and
/s to read it.
/f2filename switch specifies a log file. Once again,
there must be no space between the switch and the file name.
WARNING: Be careful what characters you use in these file names, because InstallShield silently strips certain non-alphanumerics (like hyphens).
Oh, one more thing. The
/s switches only work
if the release engineer is competent. Many packages have "custom
dialogs" which are not supported by
setup.iss, which means the
dialogs will always appear no matter what you do. For such packages, I suggest
asking the vendor to fix their installer. If that does not work, I suggest doing
what you can to deprive them of business.
When you run this executable, it extracts a bunch of files to a temporary
directory and launches the
The PFTW package recognizes the
/s switch instructs the PFTW package to run silently,
although this does not necessarily mean that the underlying
setup.exewill run silently.
/a ... ("add") switch allows you to add switches
to the command line of the underlying
setup.exe process. You may
provide any of the normal InstallShield switches here, including
Thus, to automate the installation of a PFTW package named
you would first perform one installation by hand to create the answer file:
foo.exe /a /r /f1c:\temp\foo.iss
Then, to install the package completely silently, you would run:
start /wait foo.exe /s /a /s /sms /f1c:\temp\foo.iss
/s is only needed for a completely silent installation.
If you leave it off, the PFTW package will show you a status bar as it extracts
the InstallShield tree to the temporary directory.
InstallShield with MSI
These MSI files may be shipped alone or with a
These installers in turn come in two flavors, called "InstallScript
MSI" and "Basic MSI". InstallScript MSI uses the traditional InstallShield switches. Basic MSI is
To perform an unattended installation using a Basic MSI installer, you provide
/s /v"..." switches, where
represents any additional switches you want to pass down to
These should include the
/qn) switch to make
the installation non-interactive, so a minimal invocation would be:
setup.exe /s /v"/qb"
Just to make things interesting, any of these mechanisms might be combined with PFTW. For example, we eventually figured out that the IBM Update Connector requires these flags for unattended installation:
updcon532.exe /s /a /s /v"/qb"
/s tells the PFTW installer to extract silently. The
/a tells it to provide the remaining switches to the underlying
setup.exe. The second
to run silently, while the
/v"/qb" tells it to pass
msiexec, which causes
msiexec to run
non-interactively but display a basic interface.
Finally, InstallShield has a KnowledgeBase article which is less helpful than you might expect. Are we having fun yet?
InstallMaster from Wise Solutions is a competitor to InstallShield. You can usually identify the installers it produces by running "strings" on the executable and grepping for "Wise".
InstallMaster installers are supposed to recognize the
/s switch to
perform a silent installation. And in our experience, they generally do. But
there is no way to set options, and the exit status is meaningless.
Note: This product has been rebranded the "Wise Installation System". Don't let them confuse you.
Inno Setup is an open source competitor in this space. You can usually identify the installers it creates by running "strings" on the executable and grepping for "Inno".
In our experience, the
/silent switch is usually sufficient for a
basic unattended installation. But to be completely sure, we recommend
/sp- /silent /norestart.
Note that the
/verysilent switch may reboot the machine without
prompting, which is pretty much the worst of all possible worlds. So if you use
/verysilent, be sure to use
/norestart as well.
Nullsoft Scriptable Install System
The Nullsoft Scriptable Install System (NSIS) is another open source installation system. It was created by the WinAmp authors to distribute that application, but it is now a general-purpose system which anyone might use.
When an NSIS installer runs, it creates a little window which says
verifying installer: N%, where
N counts from 0 to
100. So you can recognize these installers by this behavior. (Actually the
verification procedure is optional, but most installers have it enabled. As an
alternative, you can run "strings" and grep for "NSIS").
NSIS installers recognize
/S for silent installation,
/NCRC to suppress the CRC (verification) step, and
/D=dir to specify the "output directory", which is where the
program will be installed. These options are case-sensitive, so
be sure to type them in upper case.
/S does is change the installer script's SilentInstall attribute from "normal" to
"silent". What effect this has, exactly, depends on the person who
wrote the script. If
/S does not perform a silent install, consider
submitting a bug report to the installer's creator.
Ethalone's Ghost installer is just another commercial product, available in free and commercial editions. The free edition is nothing but the compiler, which takes XML files; the commercial edition is the compiler plus a graphical editor and wizard to create these XML files.
When a Ghost installer runs, it creates a little graphical window which says "Ghost installer wizard. Setup is preparing the Ghost Installer wizard..." together with a progress bar.
Ghost installers recognize
-s (case-sensitive) for silent
installation, but that works only if the person who created the installer defined
a standard installation type (if there are more than one).
If you have trouble to get it silent you might try to guess internal variables
and pass new values at the command line using
-var:MyVar=value. Unfortunately, using "strings" will not help you
guessing. See here.
Other command line parameters are
-c (add/remove), and
Microsoft hotfixes and older packages
Most Microsoft hotfixes respond to the
/? switch, but they do not
always tell you everything.
Modern hotfixes support
suppress the automatic reboot, and
/n to skip backing up files
needed for uninstalling the hotfix.
Some hotfixes use an old Microsoft packaging technology called
"IExpress", whose switches are more-or-less documented in KB article 197147 and an old USENET post. These installers first extract some stuff
to a temporary folder and then run a command from inside that folder. They
/t:path switch to specify the temporary
folder name and the
/c:command switch to specify the
command to run. Specifying just
/c suppresses running the command at
all, so you can use
/c /t:path to extract the hotfix
just to look at it.
These packages support the
/q switch for quiet operation, except
sometimes you have to use
/q:a instead. They also support the
/r:n switch to suppress the reboot. Sometimes these do not work and you
have to fiddle with the
/c:command switch; see the second
"NOTE" in KB article 317244 for an example.
Leave it to Microsoft to make systems administration an experimental science.
If all else fails...
If the application simply has no unattended installation procedure, you can create your own. I prefer to avoid these approaches if at all possible, since they are relatively unreliable and difficult to maintain.
There are several tools around which can take a snapshot of a machine's state before and after a manual installation, compute the differences between the states, and bundle them up as an "installer". The Wise product line provides good support for this, and Microsoft's free tool provides bad support for it.
The problem with this approach is that it fundamentally cannot work reliably. An installer's behavior may depend on the exact initial state of the machine, such as the OS version or the presence/absence of other installed software. So the repackaged installer will almost never do exactly the same thing that a fresh installation would, unless the target machine is completely identical to the original machine.
In addition, for every new release of an application, you will need to repackage it again. And there are other disadvantages which even Microsoft recognizes.
For these reasons, we think repackaging is a very bad idea and we strongly advise against it.
AutoIt is a free
tool which can simulate key presses and mouse clicks, following a script
customarily named with a
.aut or a
Most installers have a sufficiently simple and consistent interface that a very
short AutoIt script suffices to automate their installation.
The AutoIt distribution includes very good documentation. The Unattended distribution includes both versions 2 (AutoIt.exe) and 3 (AutoIt3.exe). These versions differ in their script formats. Currently, all scripts that are shipped with Unattended are written for version 2, but we plan to switch to version 3 in the future and advise to create new scripts only in version 3.
AutoIt scripts do have drawbacks.
First, you must be careful when upgrading to new releases of an application, since the installer's UI may have changed.
More worryingly, AutoIt scripts are theoretically unreliable because they do not let you determine when a sub-process has exited. You can tell when AutoIt itself exits, but that is not the same thing at all. For example, an installer's last window might disappear while the installer was still working. Your master script, waiting only for the AutoIt executable, would then proceed, starting another installation or rebooting the machine.
In practice, it does not matter much, because most installers do finish their
work before destroying their last window. Just make sure your
WinWaitClose to wait for that last window to
You should make sure that your script contains a [ADLIB] section to catch surprising reboot requests.
To pique your inspiration you should have a closer look on some of our application installation scripts in the SVN repository:
And do not forget our Wiki, which is a very good source of additional install scripts.