会话、窗口站和桌面 [英] Sessions, Window stations and Desktops

问题描述

会话、窗口站和桌面.

一个会话由所有进程和代表一个的其他系统对象单个用户的登录会话.会话包含窗口站和窗口工作站包含桌面.

A session consists of all process and other system objects that represent a single user's logon session. Sessions contain Window Stations and Window Stations contain desktops.

以上来自http://blogs.technet.com/b/askperf/archive/2007/07/24/sessions-desktops-and-windows-stations.aspx

(类似的文章说同样的话，例如 blogs.technet.com/b/askperf/archive/2007/04/27/application-compatibility-session-0-isolation.aspx 和 blogs.msdn.com/b/ntdebugging/archive/2007/01/04/desktop-heap-overview.aspx)

(Similar articles say the same thing, e.g. blogs.technet.com/b/askperf/archive/2007/04/27/application-compatibility-session-0-isolation.aspx and blogs.msdn.com/b/ntdebugging/archive/2007/01/04/desktop-heap-overview.aspx)

我一直认为会话和登录会话是一回事.

I've always understood Sessions and logon sessions to be one and the same thing.

然而，阅读 p.474，Russinovich 和 Solomon，Windows Internals，第 5 版，它说(倒数第二段):

However, reading p. 474, Russinovich and Solomon, Windows Internals, 5th edition, it says (penultimate paragraph):

CreateProcessWithLogon 函数还通过创建新的令牌来创建令牌带有初始进程的登录会话，这就是 Runas 命令的方式在替代方案下启动流程令牌.

The CreateProcessWithLogon function also creates a token by creating a new logon session with an initial process, which is how the Runas command launches processes under alternative tokens.

所以 Runas 创建了一个新的登录会话.如果我们使用 Runas 在不同用户的凭据下运行记事本，我们会看到它出现在桌面上.所以记事本和其他所有东西都在同一个桌面上运行.(据我所知，这是 Window Station Winsta0 中的默认桌面；交互式窗口站.)所以我们现在拥有的是与同一个会话相关联的两个登录会话(即包含窗口站).所以会话和登录会话不会是一回事.

So Runas creates a new logon session. If we use Runas to run Notepad under a different user's credentials we see it appear on the desktop. So Notepad is running on the same desktop as everything else. (This is, as far as I understand it, the default desktop in Window Station Winsta0; the interactive window station.) So what we have now are two logon sessions associated with the same Session (the thing that contains window stations). So Sessions and logon sessions would not appear to be one and the same.

有人可以确认一下吗?

困惑

推荐答案

这里确实有两种类型的会话.这是我对它们工作方式的理解.

There are indeed two types of sessions here. Here's my understanding of how they work.

1. 登录会话_^[2] 由 本地管理安全机构_^[2]，并管理用户登录的范围.这些主要由 winlogon 进程创建，但也由 API 函数(例如 LogonUser、CreateProcessAsUser 和 CreateProcessWithLogonW,或使用这些功能的应用程序，例如 runas 命令.

1. A logon session_^[2] is managed by the Local Security Authority_^[2], and manages the scope of a user logon. These are created primarily by the winlogon process, but also secondarily by API functions such as LogonUser, CreateProcessAsUser, and CreateProcessWithLogonW, or by applications that use these functions, such as the runas command.

登录会话与任何特定的 对象管理器_^[2] 概念为窗口站和桌面.它基本上只是包含登录 SID 和有关帐户的一些缓存安全信息的信息块.此信息块，即此登录会话，是 访问令牌 指向的内容.

A logon session isn't tied to any specific Object Manager_^[2] concepts as window stations and desktops. It's basically just a block of information containing the logon SID and some cached security information about the account. This block of information, this logon session, is what an access token points to.

另一种类型的会话有时称为终端服务会话、终端服务器会话，远程桌面会话、登录会话(尽管如此令人困惑)、用户登录会话或用户会话.不过，通常它只是称为会话"，没有进一步的限定.

The other type of session is sometimes called a Terminal Services session, Terminal Server session, Remote Desktop session, logon session (as confusing as that is), user logon session, or user session. Usually, though, it's just called a "session", without further qualification.

这是您通常会听到的会话类型，也是 窗口站 属于.这种类型的会话应运而生支持多个交互式GUI登录，由终端服务(现在称为 远程桌面)提供，现在也用于支持快速用户切换.会话在与每个用户登录相关联的对象管理器对象之间提供必要的隔离.

This is the type of session that you'll usually hear about, and is what window stations belong to. This type of session came about to support multiple interactive GUI logons, as provided by Terminal Services (now known as Remote Desktop), and is now also used to support Fast User Switching. Sessions provide the necessary isolation between the Object Manager objects associated with each user logon.

我不会花太多时间来处理所有这些事情，所以我对一些细节有点模糊，但我认为这是对整体情况的相当公平的表示.我希望它能把事情弄清楚一点.

I don't spend much time messing with all this stuff, so I'm a little fuzzy on some of the details, but I think this is a pretty fair representation of the overall picture. I hope it clears things up a bit.

这篇关于会话、窗口站和桌面的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！