What is MSI Rollback?
MSI rollback feature allows windows installer to revert the system to the original state in case the installation was unsuccessful. If the MSI installation fails or is cancelled by the user, rollback feature allows to undo the changes it made to the system. Among many advantages of using windows Installer over EXE, rollback is one of them.
How MSI Rollback is accomplished?
Installation of MSI is always assisted by an installation
script that instructs windows installer what actions it has to perform. Simultaneously, windows installer will also generate a rollback script and save it under %SystemDrive%\Config.msi folder which
is hidden. Each operation recorded in the rollback script is a direct response
to an operation in the installation script. This script is saved with a file extension .RBS
(which stands for Roll Back Script). A rollback script is a binary file that contains a
sequence of operations such as file and registry updates.
Windows Installer also saves a copy of all the files being
deleted or updated during the installation. These files are saved to the Config.Msi
folder with an extension .RBF (which
stands for Roll Back File).
In short, the Config.msi is a folder used to save rollback
related files and can contains two types of files. Files which have .RBS file
extension are rollback script files and files with .RBF file extension are the backups
of existing files. Both the rollback
script and rollback files are deleted once the installation is completed
successfully.
The .RBF files are stored in the Config.msi folder of the
drive where the application that is being backed-up currently resides, while
.RBS files are always stored in the drive where operating system is installed. In
case your operating system and application being backed-up reside under same
drive let’s assume C:\ then both .RBS and .RBF will be created under
C:\Config.msi folder.
What cannot be roll backed?
Though Windows Installer tries to restore the system to best
possible pre-install state but it cannot rollback every action it performs.
For every standard MSI action, a rollback action exists in
the rollback script. But for any changes done by the custom actions, MSI cannot
automatically undo them unless the author of the MSI (or MST) has explicitly
written a “Rollback Custom Action” corresponding to every custom action. Any custom
action involving either of the below is not roll-backed by default:
Launch or Install an executable during MSI installation.
- Calling special functions from a DLL.
- Running VBS, BAT, CMD or PowerShell scripts.
- Nested MSI installations.
Also,
if your MSI uses SelfReg table to register the DLLs during the installation,
rollback of those DLLs cannot be done safely and reliably.
How to disable or enable MSI Rollback
functionality?
At Machine Level:
Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Installer
Value: DisableRollback
Type: DWORD
Data: 0 or 1
or
Key: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\InstallerValue: DisableRollback
Type: DWORD
Data: 0 or 1
Value “1” will disable the rollback functionality of Windows Installer while value “0” will enable it. If the registry is absent on the machine, it means it is already enabled.
At Domain Level:
- Open the relevant GPO.
- For example, open the Microsoft Management Console -> Active Directory Users and Computers snap-in -> Right-click the organizational unit (OU) or domain -> Select Properties -> Select the Group Policy tab -> Select the GPO -> Click Edit.
- Expand Computer Configuration -> Administrative Templates- > Windows Components -> Windows Installer.
- Double-click "Prohibit rollback."
- Select Enabled or Disabled as per the requirement.
- Click OK.
At MSI Level:
To prevent a MSI from generating a rollback script (.RBS)
and saving copies of deleted files (.RBF) during the installation, set
DISABLEROLLBACK property to 1.Note: In case rollback is disabled and MSI installation fails, the files and registry installed on the machine during incomplete installation will be retained on the machine causing wastage of disk space. Though it is sometimes used as a tweak to fasten the installation of big sized MSIs as files being updated do not have to be backed-up, but is not a best practice.
Relation between rollback files and pending
machine reboots?
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
PendingFileRenameOperations is a multi-string type registry which can save the locations of different files that are supposed to be deleted at next machine restart.
Example of a RBF not deleted after successful uninstallation, while its entry gets created in PendingFileRenameOperations registry so that it can be removed at next machine reboot.