在另一个会话中枚举用户桌面的 Windows [英] Enumerate Windows of user desktop on another session
问题描述
这里有一个简单的问题让我发疯.
I've a simple question here that is driving me crazy.
我在 C# 中有一个 Windows 服务,它应该可以在 XP、Vista 和 7 上运行,并且能够枚举当前用户桌面(如果有)的窗口以进行监控.
I have a windows service in C# which should work on XP, Vista and 7 and be able to enumerate windows of the current user's desktop (if any) for monitoring purposes.
到目前为止:
我使用 EnumDesktopWindows 传递 IntPtr.Zero 作为 hdesktop 参数,因为我没有用户桌面的句柄,这只会导致在枚举为服务分配的特殊桌面中存在的少数窗口(Session0\Winsta0)
I have used EnumDesktopWindows passing IntPtr.Zero as the hdesktop parameter because I don't have the handle to user's desktop which results only in enumerating a handful of windows that exist in special desktop which allocated for services (Session0\Winsta0)
我试过EnumWindows,结果和上面一样!
I tried EnumWindows, same results as above!
我尝试使用 GetThreadDesktop API 获取已知进程的桌面,传递了 explorer.exe 线程之一的 ID,但它返回 0,因此我无法获取它的桌面或任何其他的.
I tried to get Desktop of a known process using GetThreadDesktop API, passing id of one of explorer.exe's threads but it returns 0, so I can't get it's desktop or any other's.
我尝试使用 OpenInputDesktop 获取输入桌面,这显然返回 session0 内的桌面而不是用户的桌面.
I tried to get input desktop using OpenInputDesktop which apparently returns the desktop inside session0 not desktop of user.
我能做什么?!
如果您很好奇,我正在编写一个自助服务终端应用程序,它需要监控所有窗口并防止危险的窗口出现,例如任务管理器、Internet 选项、Cmd 以及一般用户不应打开的任何内容.
If you're curious, I'm writing a kiosk application which needs to monitor all windows and prevent dangerous ones like task manager, Internet Options, Cmd, and in general anything that a user should not open.
欢迎提出任何建议.:)
Any suggestions are welcome. :)
推荐答案
您不能毫无例外地在另一个会话中枚举窗口.另一方面,如果您拥有作为操作系统的一部分"(SeTcbPrivilege) 特权,则可以在另一个会话中创建进程.
You cannot, without exception, enumerate windows in a another session. You can, on the other hand, create a process in another session if you have the "Act as part of the operating system" (SeTcbPrivilege) Privilege.
参见 启动进程来自服务的用户会话了解如何做到这一点.
See Launching a process in user’s session from a service for how that can be done.
您最终可以得到两个进程,一个作为 NT 服务运行的控制器,以及在用户会话中运行的代理.这两个进程可以通过命名管道进行通信,如果被用户杀死,控制器会重新启动代理.
You can end up with two processes, a controller which runs as an NT Service, and the agent which runs in the user's session. The two processes can communicate via a named pipe, with the controller restarting the agent if killed by the user.
不过,您还应该使用组策略或其他配置来锁定客户端以防止其他窗口打开.具体来说,软件限制政策允许您阻止未列入白名单的可执行文件运行.
You should also be using group policy or other configuration to lock down the client to prevent the other windows from opening in the first place, however. Specifically, Software Restriction Policies will allow you to prevent a non-whitelisted executable from ever running.
如果您使用的是 Windows 8.1,您还可以使用新推出的 自助服务终端模式.
If you are using Windows 8.1, you can also use the newly introduced Kiosk Mode.
这篇关于在另一个会话中枚举用户桌面的 Windows的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
