Welcome to Vista Banter. You are currently viewing our boards as a guest which gives you limited access to view most discussions, articles and access our other FREE features. By joining our free community you will have access to ask questions and reply to others posts, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact contact support. |
|
Security and Windows Vista A forum for discussion on security issues with Windows Vista. (microsoft.public.windows.vista.security) |
|
LinkBack | Thread Tools | Display Modes |
|
|||
LockWorkStation and WTSLogoffSession return error code 5 in a Vist
Hi,
I have written a service with "requestedExecutionLevel level="highestAvailable" " in the manifest file. In the service I call into LockWorkStation or WTSLogoffSession, which do not seem to be working on Vista. GetLastError to both the functions returns error code 5. Is there anything that I need to do. Please help. Thanks, Santosh |
|
|||
LockWorkStation and WTSLogoffSession return error code 5 in aVist
On 4/02/2010 22:21, Santosh Panchapakesan wrote:
I have written a service with "requestedExecutionLevel level="highestAvailable" " in the manifest file. In the service I call into LockWorkStation or WTSLogoffSession, which do not seem to be working on Vista. GetLastError to both the functions returns error code 5. It sounds like your Service is attempting to perform these actions (lock workstation, logout) for the interactive user, right? In Windows Vista and higher, Services do not run in the same Session as the logged-in user. Services run in Session 0; and users are in Sesssions 1, 2 3 and so on. So your Service cannot just cross session boundaries and log off a user in another session - that would be a security violation. Hence the Access Denied error. Start by reading this paper, and then redesign your Service accordingly: http://www.microsoft.com/whdc/system...n0Changes.mspx It may require more that just changing one or two lines of code; you may need to re-architect the whole thing. A few other references: http://windowsteamblog.com/blogs/dev...isolation.aspx http://msdn.microsoft.com/en-us/library/bb756986.aspx http://channel9.msdn.com/posts/Charl...-with-Desktop/ Hope it helps, Andrew -- amclar at optusnet dot com dot au |
|
|||
LockWorkStation and WTSLogoffSession return error code 5 in aVist
On 4/02/2010 22:21, Santosh Panchapakesan wrote:
I have written a service with "requestedExecutionLevel level="highestAvailable" " in the manifest file. In the service I call into LockWorkStation or WTSLogoffSession, which do not seem to be working on Vista. GetLastError to both the functions returns error code 5. It sounds like your Service is attempting to perform these actions (lock workstation, logout) for the interactive user, right? In Windows Vista and higher, Services do not run in the same Session as the logged-in user. Services run in Session 0; and users are in Sesssions 1, 2 3 and so on. So your Service cannot just cross session boundaries and log off a user in another session - that would be a security violation. Hence the Access Denied error. Start by reading this paper, and then redesign your Service accordingly: http://www.microsoft.com/whdc/system...n0Changes.mspx It may require more that just changing one or two lines of code; you may need to re-architect the whole thing. A few other references: http://windowsteamblog.com/blogs/dev...isolation.aspx http://msdn.microsoft.com/en-us/library/bb756986.aspx http://channel9.msdn.com/posts/Charl...-with-Desktop/ Hope it helps, Andrew -- amclar at optusnet dot com dot au |