I don't get it really, you are talking about multiple applications (Windows
Apps.) you want to start, stop, restart etc. What's the interactive user's
role here? Anyway, what you are trying to achieve is exactly what MSFT is
trying to prevent by all means, and is nearly impossible to make it secure
and robust. Note also that nothing in the framework will help you with this
either, you will have to PInvoke all Win32 API's and make sure you don't
forget any.
Before you go, you should have a good understanding of:
1. Windows desktops, window stations, how they interact with each other and
how they relate to the applications and their threads using these secured
executive objects. Please consult the MSDN docs and read as much as you can
about Desktops and WinStations (search MSDN for About Window Stations and
Desktops).
2. The security context of the user running as a service (the service
account) and the context of the application launched by such a service.
When launching an application from a service you will need to:
- Create a logon session by calling Win32 LogonUser (via PInvoke) followed
by,
- a call to LoadUserProfile, this is needed to load it's environment and
profile, when done you can call...
- CreateProcessAsUser, here you need to fill the STARTUPINFO structure and
especially you need to set the 'lpdesktop' member to "Winsta0\Default", by
doing this you will start the application in the visible desktop. But there
is a catch, before you call CreateProcessAsUser you will need to add the
Logon users SID to the DACL of the Winsta0 object. Failing to do this will
prevent the launched application to use the visible desktop.
With any luck you'll have your application running, but, remember that you
have created a new logon session, that means that the application doesn't
run in the already existing interactive logon session, so each time you do
this you will create a new session and you will load the Users Registry Hive
and the environmat block into that session as HKCU, this will consume a lot
of resources when the previous session did not terminate.
Willy.
| Thanks of your reply. The idea is that the windows service would monitor
the
| run of that application. If the application halts, or of there is an
update,
| the service would ask all instances of the application to stop (assuming
| multiple apps are running for each user session), then ask them
to -restart
| again. So the service has to be in a global location monitoring whenever
| users log on/off. The other tough side is that it is the current design
of
| the solutions by the architect and I just joined in, not much I can do
| Please let me know about the hard and insecure way.
|
| Thanx
|
|
|
|
| | >
| > | > | Hi all,
| > |
| > |
| > |
| > | I am trying to start a windows application that has a GUI from a
Windows
| > | service written in .NET 2.0. I have been searching on this for few
days
| > now
| > | with no avail. When using the System.Diagnostic.Process object to
start
| > the
| > | application (i.e Notepad), the new app runs and it is listed on the
task
| > | manger list, but the GUI doesn't show up in the desktop of the current
| > user.
| > | I am aware windows service (either LocalSystem, NetworkService or
| > | LocalService) all run in a sandbox environment. I have read some
where
| > | here that there is no secure and easy way to do this, however I have
no
| > | option really and I wonder if some one could give me some hints as how
| > would
| > | I do this in C# or VB.NET!!.
| > |
| > |
| > |
| > | Thanks
| > |
| > |
| >
| > Why do you need to start the UI application from a service in the first
| > place, there is no easy and secure way to do this. Why don't you start
the
| > UI application when the user logs on, set a shortcut to the application
in
| > the startup folder in the users profile and it will start whenever the
| > user
| > logs on.
| >
| >
| > Willy.
| >
| >
|
|
