Jump to content

How to run Interactive Services


wfunction

Recommended Posts


You can technically run interactive services on Windows Vista, but they must be run under the SYSTEM account (LocalSystem). Since everything that runs under the SYSTEM account runs under session 0 (short of some psexec or windbg hacking to get it to a different session), and session 0 is no longer viewable by anyone but the actual SYSTEM account, no one will see any UI provided by your service, nor will your service be able to send or receive messages from a different user-mode session (this is no longer allowed, due to so-called "shatter" attack vulnerabilities that can exist when this is enabled). The catch is that interactive services only work for session 0. The way it works on Windows 2000, Windows XP, and Server 2003, is session 0 is the session that the user on the physical console logs into – the actual keyboard, mouse and graphics hardware physically plugged into the machine. A twist on this is that in FUS (fast user switching) on Windows XP, the first user to log into the console gets session 0, and subsequent users get their own sessions starting with session 1, then session 2, and so on. Windows XP Professional will allow remote access to session 0 if the user currently logged in locally to session 0 logs in remotely, or if no user is currently logged in. Server 2003 will only allow remote access to session 0 if the /console switch is used with mstsc.exe. Windows 2000 will never remote to session 0, as it was not designed or supported under that OS.

This matters because users with other session numbers than 0 will never see the interactive service's UI, and this is now the default configuration in Windows Vista and Longhorn server. If you’re trying to create a dialog box to allow configuration changes, or notify a user of a problem or event in the service, then they will not see the dialog ever in Windows Vista, or until someone physically logs in at the console (or uses the /console switch on Server 2003) for Windows XP and Server 2003.

Read the whitepaper for more info on why interactive services on Vista are a bad idea, and for the most part don't work as they did on XP and older OSes. There's also links to helpful hints on how to rewrite your services so that they work under the new configuration in Windows Vista and Longhorn server.

Link to comment
Share on other sites

True - bad idea.

However, here's my problem: (Although since I dual boot with XP, I loaded the hive in XP and fixed it)

My device drivers were messed up, so I needed to delete registry keys. However, even if you're an Administrator, some keys are off-limits and do not inherit permissions. So for a single key, you need to set ten (or more or less) permission, one per subkey. So I need System privileges, where I can schedule Regedit. I did this in XP, but Vista won't help. And the dual-boot thing is a mess for loading/unloading hives.

Link to comment
Share on other sites

Download the latest psexec from sysinternals, and run "psexec.exe -s cmd" from an open command prompt window to change to a SYSTEM command prompt (you should see the title of the cmd prompt window change). You can then run regedit in that command prompt, and it will run regedit as the SYSTEM account, which should get you what you need.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...