"Sumeet" <> wrote...
> We want to launch a process in user session from our service running in a
> Local System account. This is accomplished by calling the
> CreateProcessAsUser
> () API. The required process launches in the user's session as expected.
> However, if the process has a window associated with it, the window does
> not
> appear on top of all open windows (works fine in Windows XP). In order to
Hi Sumeet,
You'll probably get better results asking in a newsgroup like
microsoft.public.platformsdk.security.
The "microsoft.public.windows.vista.general" newsgroup is oriented towards
end-users; very few people here are Win32 programmers. In fact most folk
here don't have any technical knowledge at all, they're just users.
The security context of the spawned process may be a factor. You service
will probably be running with low IL ("Integrity level"). The
CreateProcessAsUser()-spawned process will need a higher integrity level, in
order to display on the user's desktop - it would need to be digitally
signed; and have a manifest with uiaccess=true, before windows will be
visible. Otherwise, no window will be visible. Except, in Vista, you cannot
create an elevated process (ie with higher integrity level) by using
CreateProcessAsUser()!! To create a process with a higher integrity level,
you need to use ShellExecute(). To create a visible window, you might need
to create a "worker" process in the user's session using
CreateProcessAsUser(); which in turn calls ShellExecute(), to create the
"real" spawned process which does the work of displaying windows etc. It
sounds clunky; but this is certainly what some other people have
successfully tried.
Trying to port an interactive service application from XP to Vista involves
more than adjusting a few lines of code; ideally, you should sit down and
really study Vista's UAC architecture. And be prepared to redesign the whole
application from scratch. Yes, this is a lot of work; but in the end it will
be quicker, more reliable, and with fewer ongoing maintenance costs. By the
way, if you're planning to send WM_ messages from the service to the user's
process (eg SendMessage()) - give up, it won't work. You'll need to use RPC,
Named Pipes, or some other form of inter-process communication.
Overall, I'd try a group like microsoft.public.win32.programmer.ui or
microsoft.public.platformsdk.security. You're more likely to get good
answers there (well ... better than mine, anyway! :-).
Not that it directly addresses your issue, but a couple of resources that
might be helpful:
Video of Vineet Sarda from Microsoft, describing how he converted an XP
interactive service into a service plus interactive application, for Vista
(with code examples)
http://channel9.msdn.com/ShowPost.aspx?PostID=263925
Good article on the whole UAC thing, from a programmer's perspective ..
http://www.codeproject.com/useritems...select=2196846
Hope it helps. Good luck with the project!
--
Andrew McLaren
amclar (at) optusnet dot com dot au
Similar Threads
Linear Mode
