如何设置"与桌面"互动;在Windows安装程序服务 [英] How to set "interact with desktop" in windows service installer
问题描述
我有这下系统帐户下运行,并从时间执行一些程序的时间窗口服务(啊,是啊,我知道这是一个不好的做法,但是这不是我的决定的)。我需要设置交互与桌面检查,一看就知道执行的程序的图形用户界面,安装售后服务。我尝试了几种方法,将下面的代码在AfterInstall或OnCommited我的服务安装程序的事件处理程序:
I have a windows service which runs under system account and executes some programs from time to time (yeah,yeah, I know that's a bad practice, but that's not my decision). I need to set the "interact with desktop" check, to see the gui of that executed programs, after the service is installed. I've tried several ways, putting the code below in AfterInstall or OnCommited event handlers of my service installer:
ConnectionOptions coOptions = new ConnectionOptions();
coOptions.Impersonation = ImpersonationLevel.Impersonate;
ManagementScope mgmtScope = new System.Management.ManagementScope(@"root\CIMV2", coOptions);
mgmtScope.Connect();
ManagementObject wmiService = new ManagementObject("Win32_Service.Name='" + ServiceMonitorInstaller.ServiceName + "'");
ManagementBaseObject InParam = wmiService.GetMethodParameters("Change");
InParam["DesktopInteract"] = true;
ManagementBaseObject OutParam = wmiService.InvokeMethod("Change", InParam, null);
或
RegistryKey ckey = Registry.LocalMachine.OpenSubKey(
@"SYSTEM\CurrentControlSet\Services\WindowsService1", true);
if(ckey != null)
{
if(ckey.GetValue("Type") != null)
{
ckey.SetValue("Type", ((int)ckey.GetValue("Type") | 256));
}
}
这两种方法的工作。他们设置了检查,但之后我启动该服务推出它的EXE - 并没有显示GUI!所以,如果我停止服务,请重新检查并再次启动 - 宾果!一切开始和被示出。为了实现结果的第二种方法是重新启动 - 它后GUI也显示
both of these methods "work". They set the check, but after I start the service it launches the exe - and gui isn't shown! So, if I stop the service, recheck and start it again - bingo! everything starts and is shown. The second way to achieve the result is to reboot - after it the gui is also shown.
所以现在的问题是:有没有将与桌面交互的正确道路?检查,所以它会不会开始工作重新检查并重新启动
So the question is: Is there a correct way to set "interact with desktop" check, so it'll start working without rechecks and reboots?
操作系统:Windows XP(还没有尝试过Vista和Windows 7尚未...)
OS: Windows XP (haven't tried Vista and 7 yet...)
推荐答案
和搜索互联网了一个星期后,终于 - 我发现了一个伟大的工作方案:
的 http://asprosys.blogspot.com/2009/03/allow-service -to-互动与 - desktop.html
And finally after searching the internet for a week - I've found a great working solution: http://asprosys.blogspot.com/2009/03/allow-service-to-interact-with-desktop.html
在桌面找到发射到。此
可以似乎开玩笑但它并不像
简单,因为它似乎。随着终端
服务和快速用户切换有
可以是多个交互用户
登录到计算机在同一
时间。如果你想为当前坐在物理
控制台
用户,那么你很幸运,在
终端服务API调用
WTSGetActiveConsoleSessionId将得到
你会话ID需要。如果
需要更复杂(例如,你需要
键与
TS服务器上的特定用户交互或者在一个非交互需要的
窗口站的名称
会话),你需要枚举与
WTSEnumerateSessions的
终端服务器会话,并检查
会话需要
与WTSGetSessionInformation的信息。
Find the desktop to launch into. This may seem facetious but it isn't as simple as it seems. With Terminal Services and Fast User Switching there can be multiple interactive users logged on to the computer at the same time. If you want the user that is currently sitting at the physical console then you're in luck, the Terminal Services API call WTSGetActiveConsoleSessionId will get you the session ID you need. If your needs are more complex (i.e. you need to interact with a specific user on a TS server or you need the name of the window station in a non-interactive session) you'll need to enumerate the Terminal Server sessions with WTSEnumerateSessions and check the session for the information you need with WTSGetSessionInformation.
现在,你知道你需要什么会议,
交互和你有其ID。
这是关键的全过程,采用WTSQueryUserToken和
你现在可以检索用户的
令牌
会话ID登录到
目标会话。这完全
减轻了
的安全问题与桌面交互的设置,
启动的过程中不会与本地系统
凭据,但与运行
同样的
凭据,这是
用户已经登录到该会话!无
权限提升
Now you know what session you need to interact with and you have its ID. This is the key to the whole process, using WTSQueryUserToken and the session ID you can now retrieve the token of the user logged on to the target session. This completely mitigates the security problem of the 'interact with the desktop' setting, the launched process will not be running with the LOCAL SYSTEM credentials but with the same credentials as the user that is already logged on to that session! No privilege elevation.
使用CreateProcessAsUser和我们已经取回我们可以启动
中的过程中的正常方式
令牌,并将其
将与
目标用户的凭据目标会话中运行。有
是一个警告夫妇,两个
lpCurrentDirectory和lpEnvironment
必须指向有效的值 -
这些参数不为工作
正常的默认解决方法
跨会话启动。您可以使用
CreateEnvironmentBlock创建为
目标用户
默认环境块。
Using CreateProcessAsUser and the token we have retrieved we can launch the process in the normal way and it will run in the target session with the target user's credentials. There are a couple of caveats, both lpCurrentDirectory and lpEnvironment must point to valid values - the normal default resolution methods for these parameters don't work for cross-session launching. You can use CreateEnvironmentBlock to create a default environment block for the target user.
存在附加的工作项目的源代码。
There is source code of the working project attached.
这篇关于如何设置"与桌面"互动;在Windows安装程序服务的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
