WTSSendMessage fail with error Access Denied

  • Thread starter Thread starter kalpesh
  • Start date Start date
K

kalpesh

i describe my Issue that i am developing virtual printer driver DLL
which is run by
spooler service of operation system, means my driver is run under
spooler service.

Now i need to show one MessageBox from my this DLL in Window vista
but
vista not support any user interface from service thats why i use
this
WTSSendMessage function but this function give me error "ACCESS
DENIED"...


//Code i used


#define WTS_CURRENT_SERVER ((HANDLE)NULL)
#define WTS_CURRENT_SERVER_HANDLE ((HANDLE)NULL)
#define WTS_CURRENT_SERVER_NAME (NULL)


#define WTS_CURRENT_SESSION ((DWORD)-1)


//defination of WTSSendmessage Function pointer
typedef BOOL (*funPtr) ( HANDLE,
DWORD,
LPWSTR,
DWORD, LPWSTR, DWORD, DWORD, DWORD, DWORD*,
BOOL);


funPtr callFun;
HMODULE hModule = LoadLibrary(L"Wtsapi32.dll");
if(hModule)
{
callFun = (funPtr) GetProcAddress(hModule, "WTSSendMessageW");
if(callFun) {
DWORD result;
BOOL ret =
callFun( WTS_CURRENT_SERVER_HANDLE,


WTS_CURRENT_SESSION,


(LPWSTR)L"Thunder Driver",
38,
MB_OK,
FALSE,
&result,
0);


if(!ret) {
Print_Error();
}


}//end getproc
}//end loadlibrary


function return with "Error : Access Denied";;
WTSSendmesage function fail
and return with error "ACCESS DENIED".


This function failed is happening on Window vista only,
One more thing is this same code is running successfully On Window XP
means i think that
there is some problem arise due to Vista securtiy...


So please help me ....
Thanks in Advance....
 
i describe my Issue that i am developing virtual printer driver DLL
which is run by
spooler service of operation system, means my driver is run under
spooler service.

Now i need to show one MessageBox from my this DLL in Window vista
but
vista not support any user interface from service thats why i use
this
WTSSendMessage function but this function give me error "ACCESS
DENIED"...

//Code i used

#define WTS_CURRENT_SERVER ((HANDLE)NULL)
#define WTS_CURRENT_SERVER_HANDLE ((HANDLE)NULL)
#define WTS_CURRENT_SERVER_NAME (NULL)

#define WTS_CURRENT_SESSION ((DWORD)-1)

//defination of WTSSendmessage Function pointer
typedef BOOL (*funPtr) ( HANDLE,
DWORD,
LPWSTR,
DWORD, LPWSTR, DWORD, DWORD, DWORD, DWORD*,
BOOL);

funPtr callFun;
HMODULE hModule = LoadLibrary(L"Wtsapi32.dll");
if(hModule)
{
callFun = (funPtr) GetProcAddress(hModule, "WTSSendMessageW");
if(callFun) {
DWORD result;
BOOL ret =
callFun( WTS_CURRENT_SERVER_HANDLE,

WTS_CURRENT_SESSION,

(LPWSTR)L"Thunder Driver",
38,
MB_OK,
FALSE,
&result,
0);

if(!ret) {
Print_Error();
}

}//end getproc
}//end loadlibrary

function return with "Error : Access Denied";;
WTSSendmesage function fail
and return with error "ACCESS DENIED".

This function failed is happening on Window vista only,
One more thing is this same code is running successfully On Window XP
means i think that
there is some problem arise due to Vista securtiy...

So please help me ....
Thanks in Advance....
Click to expand...

I found some more help on this topic that every service having some
terminal service Permissions

like..
<<< Terminal Services Permissions >>
-- Query sessions and servers for information.
-- Configure connection properties
-- View or actively control another user's session
-- Log on to a session on the server.
-- Log off a user from a session. Be aware that logging off a user
without warning can result in loss of data at the client.
-- Send a message to another user's sessions
-- Connect to another session.
-- Disconnect a session.
-- Use virtual channels. Be aware that turning off virtual channels
disables some Terminal Services features such as clipboard and printer
redirection.
-- End a session. Be aware that ending a session without warning can
result in loss of data at the client.

for more help Link--> http://msdn2.microsoft.com/En-US/library/aa383488.aspx

Now each service is run under specific Access Accout this are:::
1) Full Access
2) User Access
3) Guest Access

Full Access have full permission, do all terminal service task while
user access have some and guest have only one which
is
Guest access allows users to:
· Log on to a session on the server.

More Info visit Link::
http://207.46.196.114/windowsserver...b228-4a0c-9a9f-ef6219afbd5f1033.mspx?mfr=true
http://207.46.196.114/windowsserver...743b-4a35-9b94-9ec7cdb9aa381033.mspx?mfr=true
http://207.46.196.114/windowsserver...9290-46fa-9541-68122a0474861033.mspx?mfr=true
From this Access permission i think that my virtual printer driver DLL
Click to expand...
run with guest access because it give access denied error for
WTSSendMessage function and also for OpenProcessToken function..

so tell me after read this message and study from the link which i
given..

After all what is the solution for My problem to show one message box
from service (My virtual printer driver DLL)..

Help me...
Thanks in Advance..
 
kalpesh said:
i describe my Issue that i am developing virtual printer driver DLL
which is run by
spooler service of operation system, means my driver is run under
spooler service.
Click to expand...

Services all run in session 0. That's a starting point.
Now i need to show one MessageBox from my this DLL in Window vista
but
vista not support any user interface from service thats why i use
this
WTSSendMessage function but this function give me error "ACCESS
DENIED"...


//Code i used


#define WTS_CURRENT_SERVER ((HANDLE)NULL)
#define WTS_CURRENT_SERVER_HANDLE ((HANDLE)NULL)
#define WTS_CURRENT_SERVER_NAME (NULL)


#define WTS_CURRENT_SESSION ((DWORD)-1)
Click to expand...

"Current Session" is one of those items that sticks out like a sore thumb on
Vista. Keep reading...
function return with "Error : Access Denied";;
WTSSendmesage function fail
and return with error "ACCESS DENIED".

This function failed is happening on Window vista only,
One more thing is this same code is running successfully On Window XP
means i think that
there is some problem arise due to Vista securtiy...
Click to expand...

Between Windows XP and Windows Vista, a few things changed.

First, Windows XP already had the feature that several users could be logged
in to multiple sessions, so your driver would wind up sending its message to
the "console" session, which might not be the currently active session. Your
driver needs to take account of the possibility that multiple users may be
logged in at multiple sessions, or it will fail to notify active users on
Windows XP or Server 2003.

Worse, on Windows Vista, the user _never_ gets to log on in session 0,
because it's a security risk to have users and services running in the same
logon session.

You will need to investigate WTSEnumerateSessions to get a list of all the
sessions, and send your message to all of them that are in the WTSActive
state.

I notice you're also passing "FALSE" for the parameter documented as "DWORD
Timeout", and "0" for the parameter documented as "BOOL bWait". I think you
have these reversed - while the effect is to pass a value of 0 to each, it's
confusing.

Finally, since you can't really tell if anyone's paying attention to your
dialog here, I would suggest setting bWait to FALSE, and Timeout to some
value after which the dialog will disappear from the sessions that aren't
actually being watched by a user right now. Setting a timeout of 0 is just
asking for trouble, as your dialogs back up on an inactive desktop, taking
up space that will never be returned because the user isn't there - and then
when the user returns, they have to do what, click OK like a million times?
Stop abusing your users just because you don't want to spend a few seconds
to think about good timeout values.

Alun.
~~~~
 
Back
Top