Question

When I run a service as the LocalSystem account, I can use the following code to launch a GUI program under the current login account:

WTSGetActiveConsoleSessionId -> WTSQueryUserToken -> CreateProcessAsUser

However, when I run the service as my personal account, the GUI program will NOT show up. I can see it in Task Manager, though.

What should I do to launch the GUI program when the service is running under my personal account?

Solution

John and jdigital are both right - from my understanding, services can generally have either desktop access (you have to use LocalSystem) or network access (you need to specify an account to run under).

You will need to split your app into two - one to interact with the desktop and the other to talk over the network. The two parts can then talk to each other to relay info to the end user.

OTHER TIPS

It all has to do with permissions I believe.

LocalSystem has sufficient privileges to impersonate the current user, but your account doesn't.

You'd have to figure out a way to extend permissions to your service, either by prompting for credentials, or connecting to a helper service that runs as LocalSystem.

(Why do you want to run with your account instead of LocalSystem?)

I'm sure there are much more thorough answers that deal with the ins and outs of doing this, but at a high level I think this is the issue.

You may be running in the wrong window station or desktop. See this Microsoft reference on Window Stations and Desktops.

I believe that what you are trying to do may be considered a security vulnerability. It is also not likely to work in some cases. I think jdigital is correct in that it has to do with window stations and trying to get access to the current user's window station and its desktop. This gets confusing when you are on a terminal services server, where there are multiple current window stations. Microsoft really doesn't want you to do what you want, and they make it harder with every release of Windows.

I think your best bet is to solve the problem from another angle and just create a GUI application that the user runs (manually or automatically at login) and that talks to your service.

Licensed under: CC-BY-SA with attribution