Interacting with winlogon Desktop of Windows Vista

Discussion:

(too old to reply)

tran kien

2007-10-12 07:04:00 UTC

Hi everybody,

Now I'm writing a software which interacts with winlogon Desktop of Vista. I
want to control winlogon desktop such as show a message box, draw a icon on
winlogon desktop...
But when I opendesktop(), I always meet a message: "Access is denied."

hDesktop = OpenDesktop(
TEXT("Winlogon"),
0,
FALSE,
DESKTOP_CREATEMENU |
DESKTOP_CREATEWINDOW |
DESKTOP_ENUMERATE |
DESKTOP_HOOKCONTROL |
DESKTOP_JOURNALPLAYBACK |
DESKTOP_JOURNALRECORD |
DESKTOP_READOBJECTS |
DESKTOP_SWITCHDESKTOP |
DESKTOP_WRITEOBJECTS |
READ_CONTROL |
WRITE_DAC |
WRITE_OWNER );

I make a windows service to run my program when logon. I don't know why it
show error "Access is denied."

If you know that, please show me. Thank you very much

Norman Diamond

2007-10-12 09:51:22 UTC

Permalink

It's usually a bad idea for a service to open a user's desktop, but I'm not
sure about a winlogon desktop.

Anyway, if you're a service then you're running in session 0, and the
winlogon desktop is running in some other session. Are you sure that you
opened the console session before looking for a winlogon desktop?

Post by tran kien
Hi everybody,
Now I'm writing a software which interacts with winlogon Desktop of Vista. I
want to control winlogon desktop such as show a message box, draw a icon on
winlogon desktop...
But when I opendesktop(), I always meet a message: "Access is denied."
hDesktop = OpenDesktop(
TEXT("Winlogon"),
0,
FALSE,
DESKTOP_CREATEMENU |
DESKTOP_CREATEWINDOW |
DESKTOP_ENUMERATE |
DESKTOP_HOOKCONTROL |
DESKTOP_JOURNALPLAYBACK |
DESKTOP_JOURNALRECORD |
DESKTOP_READOBJECTS |
DESKTOP_SWITCHDESKTOP |
DESKTOP_WRITEOBJECTS |
READ_CONTROL |
WRITE_DAC |
WRITE_OWNER );
I make a windows service to run my program when logon. I don't know why it
show error "Access is denied."
If you know that, please show me. Thank you very much

Ivan Brugiolo [MSFT]

2007-10-12 10:03:35 UTC

Permalink

Are you opening the desktop across sessions ?
In Vista, services runs in session 0, and, the winlogon desktop of
the session attached to the glass terminal (AKA: the console)
is normally in a different session.
--
--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of any included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Kellie Fitton

2007-10-12 16:00:34 UTC

Permalink

Hi,

Winlogon creates three desktops: a user desktop, a system desktop,
and a screen saver desktop. However, an interactively logged-on user
will have read access to the system desktop and full access to the
user desktop. Nonetheless, you can use the following APIs to create
alternate application desktops for the user:

WlxInitialize()

WlxCreateUserDesktop()

WlxSwitchDesktopToUser()

WlxSwitchDesktopToWinlogon()

WlxCloseUserDesktop()

http://msdn2.microsoft.com/en-us/library/aa380567.aspx

http://msdn2.microsoft.com/en-us/library/aa380553.aspx

http://msdn2.microsoft.com/en-us/library/aa381005.aspx

http://msdn2.microsoft.com/en-us/library/aa381074.aspx

http://msdn2.microsoft.com/en-us/library/aa380552.aspx

Kellie.

tran kien

2007-10-13 07:41:00 UTC

Permalink

Hi everybody,

I will talk clearly about my program:
My program has a function "Interacting with winlogon Desktop of windows
Vista". Simply, this function will make a message box on winlogon desktop.
So, I make a windows service to always run to catch Windows event "winlogon
desktop appear". I know in Vista, service run in Session, user and their
application will run on Session 1,2, 3... Therefore, in my service, when
there is event "winlogon desktop", I call function CreateProcessAsUser() to
create a process in same session with user logon. This process has
responsibility open winlogon desktop and show message box on it.

Snip code of that process:
GetProcessWindowStation();

GetThreadDesktop(GetCurrentThreadId());

hWinsta = OpenWindowStation("winsta0", FALSE,
WINSTA_ACCESSCLIPBOARD |
WINSTA_ACCESSGLOBALATOMS |
WINSTA_CREATEDESKTOP |
WINSTA_ENUMDESKTOPS |
WINSTA_ENUMERATE |
WINSTA_EXITWINDOWS |
WINSTA_READATTRIBUTES |
WINSTA_READSCREEN |
WINSTA_WRITEATTRIBUTES);
SetProcessWindowStation(hWinsta))

hDesktop = OpenDesktop( /*We got to open the old desktop again */
TEXT("Winlogon"), // name of the desktop to open
0, // flags to control interaction with other
// applications
FALSE, // specifies whether returned handle is
// inheritable
DESKTOP_CREATEMENU |// specifies access of returned handle
DESKTOP_CREATEWINDOW |
DESKTOP_ENUMERATE |
DESKTOP_HOOKCONTROL |
DESKTOP_JOURNALPLAYBACK |
DESKTOP_JOURNALRECORD |
DESKTOP_READOBJECTS |
DESKTOP_SWITCHDESKTOP |
DESKTOP_WRITEOBJECTS);

if(!SetThreadDesktop(hDesktop))
{
sprintf(c_temp, "FAIL SetThreadDesktop(hDesktop)->GetLastError()= %d",
GetLastError());
CLog::WriteLogLn(c_temp);
goto exit;
}
else
{
}

CLog::WriteLogLn("MessageBox prepare");

dwAnswer = MessageBox(NULL, "Sample Message", "Sample Service Proc",MB_YESNO
);

if(dwAnswer == IDNO)
{
MessageBox(NULL, "Stopping MessageBox loop then", "Goodbye.",MB_OK);
}
exit:

Norman Diamond

2007-10-15 01:02:25 UTC

Permalink

I still don't see a call to WTSGetActiveConsoleSessionId in your sample
code, so it still looks like you're searching for a winlogon desktop in
session 0.

Also if you only want to display a message box, did you try WTSSendMessage?
For me it has been somewhat random, if the current console's desktop is a
winlogon desktop then WTSSendMessage might or might not work. But did you
try it?

Post by tran kien
Hi everybody,
My program has a function "Interacting with winlogon Desktop of windows
Vista". Simply, this function will make a message box on winlogon desktop.
So, I make a windows service to always run to catch Windows event "winlogon
desktop appear". I know in Vista, service run in Session, user and their
application will run on Session 1,2, 3... Therefore, in my service, when
there is event "winlogon desktop", I call function CreateProcessAsUser() to
create a process in same session with user logon. This process has
responsibility open winlogon desktop and show message box on it.
GetProcessWindowStation();
GetThreadDesktop(GetCurrentThreadId());
hWinsta = OpenWindowStation("winsta0", FALSE,
WINSTA_ACCESSCLIPBOARD |
WINSTA_ACCESSGLOBALATOMS |
WINSTA_CREATEDESKTOP |
WINSTA_ENUMDESKTOPS |
WINSTA_ENUMERATE |
WINSTA_EXITWINDOWS |
WINSTA_READATTRIBUTES |
WINSTA_READSCREEN |
WINSTA_WRITEATTRIBUTES);
SetProcessWindowStation(hWinsta))
hDesktop = OpenDesktop( /*We got to open the old desktop again */
TEXT("Winlogon"), // name of the desktop to open
0, // flags to control interaction with other
// applications
FALSE, // specifies whether returned handle is
// inheritable
DESKTOP_CREATEMENU |// specifies access of returned handle
DESKTOP_CREATEWINDOW |
DESKTOP_ENUMERATE |
DESKTOP_HOOKCONTROL |
DESKTOP_JOURNALPLAYBACK |
DESKTOP_JOURNALRECORD |
DESKTOP_READOBJECTS |
DESKTOP_SWITCHDESKTOP |
DESKTOP_WRITEOBJECTS);
if(!SetThreadDesktop(hDesktop))
{
sprintf(c_temp, "FAIL SetThreadDesktop(hDesktop)->GetLastError()= %d",
GetLastError());
CLog::WriteLogLn(c_temp);
goto exit;
}
else
{
}
CLog::WriteLogLn("MessageBox prepare");
dwAnswer = MessageBox(NULL, "Sample Message", "Sample Service
Proc",MB_YESNO
);
if(dwAnswer == IDNO)
{
MessageBox(NULL, "Stopping MessageBox loop then", "Goodbye.",MB_OK);
}

J de Boyne Pollard

2007-10-15 13:32:27 UTC

Permalink

tk> My program has a function "Interacting with winlogon Desktop of
windows
tk> Vista". Simply, this function will make a message box on
winlogon
tk> desktop. So, I make a windows service [...]

Your program's specification is faulty. Services don't do this on
Windows NT 6. Microsoft has effectively said "Don't do this. It's
not going to work; and that's intentional.". Listen, and fix your
program's specification. It is currently wrongheaded and bad.

<URL:http://msdn2.microsoft.com./en-us/library/ms683502.aspx>
<URL:http://download.microsoft.com./download/9/c/
5/9c5b2167-8017-4bae-9fde-d599bac8184a/Session0_Vista.doc>
<URL:http://support.microsoft.com./kb/925518>

t***@designerware.com

2007-10-15 18:45:03 UTC

Permalink

I'm trying to do the same thing. I have it working on Windows XP but
cannot interact with Vista. To clarify, my service is running under
the systemaccount and I want to display a License(EULA) that the user
must read and acknowledge by clicking ok. This is a security
requirement for my software that tells them they are tracked and by
using the computer they understand they will be monitored. I know I
could inject this into the registry to be started when the user logs
on, but we've had users remove it from the registry. Launching the
program from a service makes it more secure and it currently works
just fine under XP.

So everyone knows, I have two programs just like MS recommends. The
service is one and it is trying to lanuch the second program into
WinStat0\Winlogin. The service interacts with the second program
using pipes; just like Microsoft suggests. My service also waits
until it sees the console connect then it launches the program.

My question do I have to have the program launched to session 1 or
session 0; in otherwords before anyone logs onto Vista where is the
Winlogin running?

Secondly, if it's session 1 then I'm assuming I will have to switch to
session 1 somehow? Should I grab the token of winlogin.exe and
DuplicateTokenEx and then use CreateProcessAsUser? I tried this but
it didn't seem to work.

Any help would be appreciated, thanks

TK

Norman Diamond

2007-10-16 00:16:54 UTC

Permalink

If you launch your program in session 0 then the user will never see it. If
you launch your program in session 1 then there's a random chance that the
user will see it.

In my experience, if you launch your program in the session number that is
returned by WTSGetActiveConsoleSessionId, then there's still a random chance
that the user will see it. But at least if you do it that way, the
randomness might not be your fault.

Post by t***@designerware.com
I'm trying to do the same thing. I have it working on Windows XP but
cannot interact with Vista. To clarify, my service is running under
the systemaccount and I want to display a License(EULA) that the user
must read and acknowledge by clicking ok. This is a security
requirement for my software that tells them they are tracked and by
using the computer they understand they will be monitored. I know I
could inject this into the registry to be started when the user logs
on, but we've had users remove it from the registry. Launching the
program from a service makes it more secure and it currently works
just fine under XP.
So everyone knows, I have two programs just like MS recommends. The
service is one and it is trying to lanuch the second program into
WinStat0\Winlogin. The service interacts with the second program
using pipes; just like Microsoft suggests. My service also waits
until it sees the console connect then it launches the program.
My question do I have to have the program launched to session 1 or
session 0; in otherwords before anyone logs onto Vista where is the
Winlogin running?
Secondly, if it's session 1 then I'm assuming I will have to switch to
session 1 somehow? Should I grab the token of winlogin.exe and
DuplicateTokenEx and then use CreateProcessAsUser? I tried this but
it didn't seem to work.
Any help would be appreciated, thanks
TK

t***@designerware.com

2007-10-16 14:01:23 UTC

Permalink

Post by Norman Diamond
If you launch your program in session 0 then the user will never see it. If
you launch your program in session 1 then there's a random chance that the
user will see it.
In my experience, if you launch your program in the session number that is
returned by WTSGetActiveConsoleSessionId, then there's still a random chance
that the user will see it. But at least if you do it that way, the
randomness might not be your fault.

Post by t***@designerware.com
I'm trying to do the same thing. I have it working on Windows XP but
cannot interact withVista. To clarify, my service is running under
the systemaccount and I want to display a License(EULA) that the user
must read and acknowledge by clicking ok. This is a security
requirement for my software that tells them they are tracked and by
using the computer they understand they will be monitored. I know I
could inject this into the registry to be started when the user logs
on, but we've had users remove it from the registry. Launching the
program from a service makes it more secure and it currently works
just fine under XP.
So everyone knows, I have two programs just like MS recommends. The
service is one and it is trying to lanuch the second program into
WinStat0\Winlogin. The service interacts with the second program
using pipes; just like Microsoft suggests. My service also waits
until it sees the console connect then it launches the program.
My question do I have to have the program launched to session 1 or
session 0; in otherwords before anyone logs ontoVistawhere is the
Winlogin running?
Secondly, if it's session 1 then I'm assuming I will have to switch to
session 1 somehow? Should I grab the token of winlogin.exe and
DuplicateTokenEx and then use CreateProcessAsUser? I tried this but
it didn't seem to work.
Any help would be appreciated, thanks
TK- Hide quoted text -

- Show quoted text -

Actually, I do NOT want the program to be launched in the user
session. I want the program to be seen before any user logs on. The
idea is you turn on the PC and before you login to Vista the program
displays the confirmation and the user has to acknowleged it by
clicking on the checkbox and clicking ok. In XP this is easy to do
because my service just launches the program to the WinStat0\Winlogon
desktop.

In Vista the program launches but it can not be seen, is this because
the Winlogon screen is really session 1 when you first boot? Or is
there something goofy in Vista that needs set?

Chris Becke

2007-10-16 14:18:17 UTC

Permalink

Its something goofy in Vista that you can't set. Your applications
requirements are in conflict with what MS allow in Vista. And rightly so in
my mind.

You are trying to do the impossible, and by impossible I mean that any means
you find to do what you want to will more than likley be broken by
subsequent Vista security patches service pack or operating system upgrade.

Anyway, before "any user" has logged on, no one has authenticated themselves
and hence it is not possible to audit that a legitimate (i.e. authorised to
use the system) user "accepted" the confirmation. So youre requirements are
doubly invalid.

Post by t***@designerware.com
Actually, I do NOT want the program to be launched in the user
session. I want the program to be seen before any user logs on. The
idea is you turn on the PC and before you login to Vista the program
displays the confirmation and the user has to acknowleged it by
clicking on the checkbox and clicking ok. In XP this is easy to do
because my service just launches the program to the WinStat0\Winlogon
desktop.
In Vista the program launches but it can not be seen, is this because
the Winlogon screen is really session 1 when you first boot? Or is
there something goofy in Vista that needs set?

J de Boyne Pollard

2007-10-16 14:56:37 UTC

Permalink

ND> If you launch your program in session 0 then the user will never
ND> see it. If you launch your program in session 1 then there's a
ND> random chance that the user will see it. [...]

tk> Actually, I do NOT want the program to be launched in the user
tk> session. I want the program to be seen before any user logs on.

You are conflating sessions and login sessions.

<URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/windows-nt-
session.html>

tk> In Vista the program launches but it can not be seen, is this
tk> because the Winlogon screen is really session 1 when you
tk> first boot?

<URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/windows-nt-6-
boot-process.html>

Norman Diamond

2007-10-17 01:06:10 UTC

Permalink

Actually, I do NOT want the program to be launched in the user session. I
want the program to be seen before any user logs on.

WTSGetActiveConsoleSessionId will tell you the Terminal Services session
number of the active console, regardless of whether a user is logged into
it. Some of the other WTS____ APIs will tell you if a user is logged in or
not. The TS session number will not always be 1, but when Vista behaves as
documented the TS session number will never be 0 in Vista. Services are in
session 0 so you have to find and open the active session.

Beware that at least one of the WTS____ APIs is broken in the ANSI version.
If your program is Unicode then it will probably be all right, though I
still don't know how to predict if your message box will be shown properly.
If your program is ANSI then you must explicitly call the _____W versions of
the APIs and then call WideCharToMultiByte.

tran kien

2007-10-23 07:25:01 UTC

Permalink

I think we have a issue now. If we interact with winlogon desktop we must
know time which winlogon desktop start.
Because a optimal program must run exact time and delete as soon as we don'
t need it.
So I designed program follow:

( Because I don't know how to add picture to groupnews so please click the
link : http://www.mediafire.com/?fmldwti1mxm (picture:
InteractWinlogonDesktop.bmp))

As my picture show, I see that I need create a process to interact with
every winlogon desktop in every session. When every session start, at the
same time, winlogon process and winlogon desktop also start.
Now I have a issue: how to catch event "winlogon desktop appear" or envent
"session appear" (in Vista every user in every session)

I tried two way:

1. using SENS (System Event Notification Services)
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/syncmgr/syncmgr/system_event_notification_service_start_page.asp

2. using WTSRegisterSessionNotification
http://msdn2.microsoft.com/en-us/library/aa383841.aspx

But two ways have weak points:
First way: SENS (in this probem, I use ISensLogon interface of SENS) always
notify after user logon, logoff. But my require must catch this event as soon
as event happen.
Second way: function WTSRegisterSessionNotification() require a windows
handle to receive notification about event, but I don't have permission to
create a windows handle in my program.

So, do you have any way to do this task? Please tell me.
Thank you very much.

Post by Norman Diamond

Actually, I do NOT want the program to be launched in the user session. I
want the program to be seen before any user logs on.

WTSGetActiveConsoleSessionId will tell you the Terminal Services session
number of the active console, regardless of whether a user is logged into
it. Some of the other WTS____ APIs will tell you if a user is logged in or
not. The TS session number will not always be 1, but when Vista behaves as
documented the TS session number will never be 0 in Vista. Services are in
session 0 so you have to find and open the active session.
Beware that at least one of the WTS____ APIs is broken in the ANSI version.
If your program is Unicode then it will probably be all right, though I
still don't know how to predict if your message box will be shown properly.
If your program is ANSI then you must explicitly call the _____W versions of
the APIs and then call WideCharToMultiByte.

Norman Diamond

2007-10-24 01:00:14 UTC

Permalink

Sorry I haven't used the APIs that you discuss here, and can only help a
little bit.

Since your service communicates with winlogon desktops and not users'
desktops, it seems strange to see a call to CreateProcessAsUser. If your
service runs in the Local System account, I think you can open winlogon
desktops. If I forgot something, maybe you need to add some privileges to
your process. Again, if your service runs in the Local System account, then
your process starts with enough privileges to add any additional privileges
that it needs.

If you're going to display anything on users' desktops then of course you
need to call CreateProcessAsUser and lock down any dangerous privileges (so
that if some other process attacks yours then yours won't be able to perform
any dangerous operations).

Post by tran kien
I think we have a issue now. If we interact with winlogon desktop we must
know time which winlogon desktop start.
Because a optimal program must run exact time and delete as soon as we don'
t need it.
( Because I don't know how to add picture to groupnews so please click the
InteractWinlogonDesktop.bmp))
As my picture show, I see that I need create a process to interact with
every winlogon desktop in every session. When every session start, at the
same time, winlogon process and winlogon desktop also start.
Now I have a issue: how to catch event "winlogon desktop appear" or envent
"session appear" (in Vista every user in every session)
1. using SENS (System Event Notification Services)
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/syncmgr/syncmgr/system_event_notification_service_start_page.asp
2. using WTSRegisterSessionNotification
http://msdn2.microsoft.com/en-us/library/aa383841.aspx
First way: SENS (in this probem, I use ISensLogon interface of SENS) always
notify after user logon, logoff. But my require must catch this event as soon
as event happen.
Second way: function WTSRegisterSessionNotification() require a windows
handle to receive notification about event, but I don't have permission to
create a windows handle in my program.
So, do you have any way to do this task? Please tell me.
Thank you very much.

Post by Norman Diamond

Actually, I do NOT want the program to be launched in the user session.
I
want the program to be seen before any user logs on.

WTSGetActiveConsoleSessionId will tell you the Terminal Services session
number of the active console, regardless of whether a user is logged into
it. Some of the other WTS____ APIs will tell you if a user is logged in or
not. The TS session number will not always be 1, but when Vista behaves as
documented the TS session number will never be 0 in Vista. Services are in
session 0 so you have to find and open the active session.
Beware that at least one of the WTS____ APIs is broken in the ANSI version.
If your program is Unicode then it will probably be all right, though I
still don't know how to predict if your message box will be shown properly.
If your program is ANSI then you must explicitly call the _____W versions of
the APIs and then call WideCharToMultiByte.

tran kien

2007-10-25 02:04:00 UTC

Permalink

Dear Norman Diamond,

So, I see your idea. In another session (not session 0). I created
every
process run in every session. These process will open winlogon desktop which
in
same session with it.
But I always meet error "Cannot create a file when that file already
exists." error code 183
when using function OpenDesktop(). ( I saw log file and I see process run
same session and it start same time with winlogon desktop start)

Do you know why?

Post by Norman Diamond
Sorry I haven't used the APIs that you discuss here, and can only help a
little bit.
Since your service communicates with winlogon desktops and not users'
desktops, it seems strange to see a call to CreateProcessAsUser. If your
service runs in the Local System account, I think you can open winlogon
desktops. If I forgot something, maybe you need to add some privileges to
your process. Again, if your service runs in the Local System account, then
your process starts with enough privileges to add any additional privileges
that it needs.
If you're going to display anything on users' desktops then of course you
need to call CreateProcessAsUser and lock down any dangerous privileges (so
that if some other process attacks yours then yours won't be able to perform
any dangerous operations).

Post by Norman Diamond

Actually, I do NOT want the program to be launched in the user session.
I
want the program to be seen before any user logs on.

WTSGetActiveConsoleSessionId will tell you the Terminal Services session
number of the active console, regardless of whether a user is logged into
it. Some of the other WTS____ APIs will tell you if a user is logged in or
not. The TS session number will not always be 1, but when Vista behaves as
documented the TS session number will never be 0 in Vista. Services are in
session 0 so you have to find and open the active session.
Beware that at least one of the WTS____ APIs is broken in the ANSI version.
If your program is Unicode then it will probably be all right, though I
still don't know how to predict if your message box will be shown properly.
If your program is ANSI then you must explicitly call the _____W versions of
the APIs and then call WideCharToMultiByte.

Norman Diamond

2007-10-25 06:03:00 UTC

Permalink

Sorry, I don't know what would cause that error.

A few years ago in XP I called some APIs from a service such as
OpenWindowStation and OpenInputDesktop (but not in Vista). More recently in
Vista I used some APIs such as WTSGetActiveConsoleSessionId and
WTSSendMessage and WTSQuerySessionInformationW. But I didn't use all of
these in combination in one program, and I didn't get the same error that
you got. Sorry I can't help.

Post by tran kien
Dear Norman Diamond,
So, I see your idea. In another session (not session 0). I created
every
process run in every session. These process will open winlogon desktop which
in
same session with it.
But I always meet error "Cannot create a file when that file already
exists." error code 183
when using function OpenDesktop(). ( I saw log file and I see process run
same session and it start same time with winlogon desktop start)
Do you know why?

Post by tran kien
I think we have a issue now. If we interact with winlogon desktop we must
know time which winlogon desktop start.
Because a optimal program must run exact time and delete as soon as we don'
t need it.
( Because I don't know how to add picture to groupnews so please click the
InteractWinlogonDesktop.bmp))
As my picture show, I see that I need create a process to interact with
every winlogon desktop in every session. When every session start, at the
same time, winlogon process and winlogon desktop also start.
Now I have a issue: how to catch event "winlogon desktop appear" or envent
"session appear" (in Vista every user in every session)
1. using SENS (System Event Notification Services)
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/syncmgr/syncmgr/system_event_notification_service_start_page.asp
2. using WTSRegisterSessionNotification
http://msdn2.microsoft.com/en-us/library/aa383841.aspx
First way: SENS (in this probem, I use ISensLogon interface of SENS) always
notify after user logon, logoff. But my require must catch this event
as
soon
as event happen.
Second way: function WTSRegisterSessionNotification() require a windows
handle to receive notification about event, but I don't have permission to
create a windows handle in my program.
So, do you have any way to do this task? Please tell me.
Thank you very much.

Post by Norman Diamond

Actually, I do NOT want the program to be launched in the user session.
I
want the program to be seen before any user logs on.

WTSGetActiveConsoleSessionId will tell you the Terminal Services session
number of the active console, regardless of whether a user is logged into
it. Some of the other WTS____ APIs will tell you if a user is logged
in
or
not. The TS session number will not always be 1, but when Vista
behaves
as
documented the TS session number will never be 0 in Vista. Services
are
in
session 0 so you have to find and open the active session.
Beware that at least one of the WTS____ APIs is broken in the ANSI version.
If your program is Unicode then it will probably be all right, though I
still don't know how to predict if your message box will be shown properly.
If your program is ANSI then you must explicitly call the _____W
versions
of
the APIs and then call WideCharToMultiByte.