Sysprep warning message in 8.5.2

[donho]

SYSPRP Package NotepadPlusPlus_1.0.0.0_neutral__7njy0v32s6xk6 was installed for a user, but not provisioned for all users. https://community.notepad-plus-plus.org/topic/24345/notepad-v8-5-2-release/19?_=1681357704510

Not sure if it’s NppShell issue though. What do you think @GurliGebis ?

[GurliGebis]

It is the same as when we try to install it for all users. Sysprep complains that the package isn't installed for all users - so when the image they make is installed, the new user will not be have the package installed.

However, the multi-user fix we did earlier this week also works there. So the first time they right click a file after they create the user, it will be there.

This requires 8.5.3 though, so the version they are using (8.5.2) doesn't do that 🙂

[donho]

@GurliGebis

This requires 8.5.3 though, so the version they are using (8.5.2) doesn't do that

Sorry I don't follow you - what's in v8.5.3 makes difference?

It is the same as when we try to install it for all users. Sysprep complains that the package isn't installed for all users - so when the image they make is installed, the new user will not be have the package installed.

So if I understand correctly, while installer registering NppShell.dll for the Adm user, Sysprep has detected it and complains? If it is, Sysprep will always complain with our current solution (installing for user on the first use), won't it?

[GurliGebis]

@donho in the test builds we have now, this code exists: https://github.com/notepad-plus-plus/nppShell/blob/e250ff9af44281cbff23b9d246cf06974f232cef/Installer.cpp#L409

Sysprep complains that the package is only installed for a normal user, and not provisioned for everyone (which is what you cannot do for a sparse package - or to be more specific, you can do it, but it doesn't get installed for other users when they log in). So since the code I link above exists, they should just ignore the warning from sysprep, since we handle registering the package for new users at the first right click on a file.

[donho]

@GurliGebis

So since the code I link above exists, they should just ignore the warning from sysprep, since we handle registering the package for new users at the first right click on a file.

So TEST20 should fix it, shouldn't it?

[GurliGebis]

@donho it will make sure it is installed for the user on first right click. It won't prevent sysprep from showing that warning, since it will complain about it, but the warning can be safely ignore, since it is working as intended

[donho]

@GurliGebis

it will make sure it is installed for the user on first right click.

You mean on the 2nd right click, right?

It won't prevent sysprep from showing that warning, since it will complain about it, but the warning can be safely ignore, since it is working as intended

OK, thank you for your answer.

[GurliGebis]

@donho on the first right click, it will trigger the install of the msix package, so it will be there on the second right click 🙂

[donho]

@GurliGebis

@donho on the first right click, it will trigger the install of the msix package, so it will be there on the second right click 🙂

Yes, sure. Sorry for misreading. Thank you for the reply.

[GurliGebis]

🙂

[Hammerfest]

Thanks everyone for reporting this error, I was just building new images for family systems updating to 11 and kept running into this error when trying to sysprep generalize when it worked without issue a few months ago!

Looks like it will be resolved in 8.5.3 so I will keep an eye out and test when it drops!

EDIT: if TEST20 is supposed to resolve the issue, it does not, this PREVENTS sysprep generalize from completing.

[GurliGebis]

@Hammerfest sysprep fails if a package is provisioned for the user but not the system?

[Hammerfest]

Correct, exact message at the opening comment

2023-04-22 15:45:17, Error                 SYSPRP Package NotepadPlusPlus_1.0.0.0_neutral__7njy0v32s6xk6 was installed for a user, but not provisioned for all users. This package will not function properly in the sysprep image.
2023-04-22 15:45:17, Error                 SYSPRP Failed to remove apps for the current user: 0x80073cf2.
2023-04-22 15:45:17, Error                 SYSPRP Exit code of RemoveAllApps thread was 0x3cf2.
2023-04-22 15:45:17, Error                 SYSPRP ActionPlatform::LaunchModule: Failure occurred while executing 'SysprepGeneralizeValidate' from C:\Windows\System32\AppxSysprep.dll; dwRet = 0x3cf2
2023-04-22 15:45:17, Error                 SYSPRP SysprepSession::Validate: Error in validating actions from C:\Windows\System32\Sysprep\ActionFiles\Generalize.xml; dwRet = 0x3cf2
2023-04-22 15:45:17, Error                 SYSPRP RunPlatformActions:Failed while validating Sysprep session actions; dwRet = 0x3cf2
2023-04-22 15:45:17, Error      [0x0f0070] SYSPRP RunDlls:An error occurred while running registry sysprep DLLs, halting sysprep execution. dwRet = 0x3cf2
2023-04-22 15:45:17, Error      [0x0f00d8] SYSPRP WinMain:Hit failure while pre-validate sysprep generalize internal providers; hr = 0x80073cf2

[GurliGebis]

@Hammerfest can you try this, and then run sysprep again: Get-AppxPackage -Name *NotepadPlusPlus* | Remove-AppxPackage

[GurliGebis]

The package will be reinstalled automatically

[Hammerfest]

This worked, it should be noted however that if you create a template user (not done often by many) it will need to be done on both the user and sysprep account or it will still fail.

Might be to much of a PITA to properly resolve this to simply install upon account creation or provide an integration pack like Microsoft does for some of its tools.

[GurliGebis]

@Hammerfest the problem is that provisioning the package on a system level doesn't work for sparse package, so we simply cannot do that. For it to work, the entire NPP setup should be moved into an MSIX package instead, but that is not happening right now at least.

[levicki]

@GurliGebis

It won't prevent sysprep from showing that warning, since it will complain about it, but the warning can be safely ignore, since it is working as intended

I don't know with what authority you are saying the bolded part, but your claim is totally incorrect.

Sysprep is not issuing a warning which can be ignored — it is throwing an error since it fails to reseal the image to OOBE state because of this improperly provisioned package.

When we are at the subject of that package, I don't like how it is done silently without notifying the user that it is being installed. Such behavior is always automatically associated in my head with malware.

I don't know what is the purpose of that package (and frankly I don't care because it seems to work for me without it), but if it interferes with sysprep it will prevent staging Notepad++ in a Windows image and leave many people scratching their head as to where it came from.

Changes like this should be properly tested or at least announced clearly in release notes — you can't expect people to come read the commit logs and merge / pull requests on GitHub to find out stuff like that.

[GurliGebis]

@levicki the problem is that you cannot provision a sparse package on the machine level, since it doesn't get installed by the user. Which is why we have to register the package for the user once they log in, since that is the way it can be done.

I don't know why Microsoft hasn't implemented the logic to allowed provisioning sparse packages. If Notepad++ was delivered using the store instead, it should have worked, since it would be possible to provision it for everyone.

[levicki]

@GurliGebis

I understood that much.

What I didn't understand is what problem is using a sparse package trying to solve in the first place? Is it registering the shell extension per user?

If so, then why not just use the HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components registry key?

An example of Brave doing just that:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}]
@="Brave"
"StubPath"="\"C:\\Program Files\\BraveSoftware\\Brave-Browser\\Application\\114.1.52.126\\Installer\\chrmstp.exe\" --configure-user-settings --verbose-logging --system-level"
"Localized Name"="Brave"
"IsInstalled"=dword:00000001
"Version"="43,0,0,0"

So for example you could do (I generated random GUID, you could use the ProductID if you are using MSI installer):

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{61C3E878-1CE2-4E1D-B791-66494FB43BD7}]
@="Notepad++"
"Version"="1"
"StubPath"="C:\\Windows\\System32\\regsvr32.exe /s /i \"C:\\Program Files\\Notepad++\\NppShell_06.dll\""

That will get executed for each new user only once, after that the corresponding mirror of the HKLM key will be created in HKCU and marked as installed so it won't be run again if the exact match is found. Afterwards if you want to re-run it you just increase version number.

Note that if you want multipart version number (like Brave uses above) you must use comma (,) as a separator, not a dot (.).

More details here and on Google of course.

TL;DR — If you are a desktop application then work like a desktop application, and if you are a store application then make a proper MSIX package that can be provisioned for all users instead of mixing apples and oranges.

[donho]

@GurliGebis Is it possible (doable) to integrate the solution suggested by Luper? https://community.notepad-plus-plus.org/topic/24591/notepad-v8-5-4-release/4?_=1688091290446

[levicki]

@donho I don't think that's possible, @GurliGebis said sparse package cannot be provisioned on the system level.

It's much easier to do this using the Active Setup registry key instead of building an appx as I have explained in the post above yours.

If you really want to go the Store route, then you should make whole Notepad++ into an appx/msix that can be provisioned into the image for all users instead of having to run regular setup, and then we won't be having this problem.

As I said, you are either a desktop app or a store app. You can't really be both (well technically you can skirt it, but it will just give you and the users headaches).

[GurliGebis]

@donho from what I tried earlier, when we had to find a solution for installing it for all users on the system, it seems like it just doesn't work. It registers the package just fine, but it never gets installed for any users. It might be me doing something wrong, since I wasn't able to find any documentation or examples (or other people on github doing it) - it's difficult to know 🙂 That is way we have to do it this way (which is sub-optimal, but at least works). The only problem is for people using sysprep, since they have to unregister the package before sysprepping the installation. (It will be registered for each user on first right click like as usual afterwards)

[Neustradamus]

To follow

[rgb99]

need to be done on both the user and sysprep account

@Hammerfest How, exactly? I installed NPP as Administrator in Audit Mode -- there are no other accounts. Running Get-AppxPackage -Name *NotepadPlusPlus* | Remove-AppxPackage then running sysprep works after installing 8.5.2, but when doing the same thing on newer versions of NPP, sysprep failed following Remove-AppxPackage.

[Hammerfest]

I haven't tried with anything past 8.5.3, its possible something changed When I mentioned user I meant if you made a template user account (something I do so layouts, theme settings stick to any new user created), you can ignore that if you did not/do not do this.

Outside of that the process was reboot into audit mode from OOBE, install programs, restart, run command, then perform sysprep shutdown to OOBE, I wanna say if you restart at all after running the command to remove the package it re-installs on next login of the account

I need to make a new image, will try that this weekend.

[rgb99]

@Hammerfest Thanks for the quick reply! In my case, it's for VMware Horizon (VDI), non-persistent desktops. I can confirm that the AppxPackage comes back during the next logon, but in my experience, removing the package and then running sysprep immediately after (on NPP 8.5.3 and newer) failed.

When we update the Desktop Pools later this month, the machine will have NPP 8.5.2 on it. NPP is already up to 8.5.5 and the sysprep issue is not resolved. Hopefully, it will be, sooner than later!

[benlye]

@Hammerfest Thanks for the quick reply! In my case, it's for VMware Horizon (VDI), non-persistent desktops. I can confirm that the AppxPackage comes back during the next logon, but in my experience, removing the package and then running sysprep immediately after (on NPP 8.5.3 and newer) failed.

I'm also building images for a VMware Horizon VDI environment. I have an automated build process which builds and deploys our golden image templates. I just checked last night's build and it worked fine with NPP 8.5.4 in the image.

The build uses Chocolatey to install NPP and then removes the AppX pacakge:

choco install notepadplusplus.install -y
Get-AppxPackage NotepadPlusPlus | Remove-AppXPackage

The Horizon customization process ran fine afterwards.

[rgb99]

@benlye That is great to know! It's a manual process for us, so we'll have to try 8.5.4 next month.

[rgb99]

Notepad++ 8.5.7 addresses some bad vulnerabilities. However, after running the Remove-AppxPackage command, sysprep still breaks. Is there a way to fix this? @benlye , have you come across this?

[benlye]

Notepad++ 8.5.7 addresses some bad vulnerabilities. However, after running the Remove-AppxPackage command, sysprep still breaks. Is there a way to fix this? @benlye , have you come across this?

My build process appears to be working fine with NPP 8.5.7 using the Remove-AppXPackage mitigation.

[rgb99]

@benlye Lucky you! I rebooted the image. After a few minutes, the package came back so I removed it again with the command, and then Generalize via OSOT worked. I don't understand... but I'll take it.

[AlonzoMoselyFBI]

@Hammerfest can you try this, and then run sysprep again: Get-AppxPackage -Name *NotepadPlusPlus* | Remove-AppxPackage

I created a github account just to thank you for this - fixed my issue. Thank you!

[brentil]

I wanted to report we're seeing this still with 8.6.4 as we're building our first Windows 11 sysprep image. I can run the command above but I have to immediately sysprep the system otherwise it will re-inject the Appx within minutes. Would it be possible to when the application is installed as admin to provision the Appx to all users instead of just the installed one? That would solve this issue. Or provide the ability to add a flag to disable this behavior for image based systems?

The extra frustrating part is we've disable the new Windows 11 right click menu to use the Windows 10 style one so the Appx package isn't even needed.

[GurliGebis]

@brentil That does not work for some reason. We have tried pretty much everything - the API calls return just fine, and shows the package as provisioned for all users - but no users get it installed when they log in (not even the user that does the provisioning for all users). I would suspect this is due to the package not being from the store, but I can only guess.

[OrionWithrow-OHIT]

Still struggling with this on W11 23H2, using NPP 8.6.7. Was working at one point with a previous version. If I revert to version 8.4.9, works perfectly!

[BrendenWalker]

Same problem here with 8.6.7 trying to syspred an Azure VM.

Running Get-AppxPackage | findstr /I "note" from admin PS returns no notepad++ packages installed.

Tried various versions of Remove-AppxPackage including running for each user.

Deleted all remants in registry and on local filesystem, and still getting:

2024-06-06 17:39:39, Error SYSPRP Package NotepadPlusPlus_1.0.0.0_neutral__7njy0v32s6xk6 was installed for a user, but not provisioned for all users. This package will not function properly in the sysprep image.

I got this to work yesterday on a VM created via the same snapshot from the same VM source... so I'm not sure what the heck is going on... Just adding my notes to this in case there's anything useful.

[OrionWithrow-OHIT]

Older versions still work, see my notes above.

[signature_1901198342]https://optimumhit.com/

Orion Withrow (He/Him/His) Cloud Architect

Phone: 804-388-2971 Email: @.**@.> www.optimumhit.comhttps://www.optimumhit.com/

TRULY HUMAN NOTICE: Getting this email out of normal working hours? We work at a digitally enabled relentless pace, which can disrupt our ability to sleep enough, eat right, exercise, and spend time with the people that matter most. I am sending you this email at a time that works for me. Please respond to it at a time that is convenient for you.

From: Brenden Walker @.> Date: Thursday, June 6, 2024 at 1:55 PM To: notepad-plus-plus/nppShell @.> Cc: Orion Withrow @.>, Comment @.> Subject: Re: [notepad-plus-plus/nppShell] Sysprep warning message in 8.5.2 (Issue #29) CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

Same problem here with 8.6.7 trying to syspred an Azure VM.

Running Get-AppxPackage | findstr /I "note" from admin PS returns no notepad++ packages installed.

Tried various versions of Remove-AppxPackage including running for each user.

Deleted all remants in registry and on local filesystem, and still getting:

2024-06-06 17:39:39, Error SYSPRP Package NotepadPlusPlus_1.0.0.0_neutral__7njy0v32s6xk6 was installed for a user, but not provisioned for all users. This package will not function properly in the sysprep image.

I got this to work yesterday on a VM created via the same snapshot from the same VM source... so I'm not sure what the heck is going on... Just adding my notes to this in case there's anything useful.

— Reply to this email directly, view it on GitHubhttps://github.com/notepad-plus-plus/nppShell/issues/29#issuecomment-2153094684, or unsubscribehttps://github.com/notifications/unsubscribe-auth/A7S4U6SWULME2QMLMUTC5U3ZGCPBFAVCNFSM6AAAAAAW4QHO7KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNJTGA4TINRYGQ. You are receiving this because you commented.Message ID: @.***>