Unique situation with Windows Service


Jan 10, 2007
I have developed an application that allows us to force "Secondary AD Authentication" on users of a shared workstation. This secure workstation runs hardware (equipment) testing software 24/7, and thus needs to run under a Group Account to prevent any downtime. However, our client (and DOD) requires that we have a record of who is unlocking the desktop for interactive sessions.

My application detects desktop lock/unlock operations, and then opens a maximized, modal form that obscures the desktop. The User must enter their local Windows account info (UserName/Password) into the form and then click the login button. I take the user info and start a new System.Diagnostics process (Notepad.exe) using the User's credentials. If the process doesn't start, I log the failure in a custom Event Log. Three strikes and I relock the desktop.

If the process returns a handle, I know that the User has authenticated. I kill the process, log their success in a custom Event Log, and close the form. If there is no User activity on the desktop (mouse or keyboard) for 5 minutes, I relock the desktop.

This application needs to run 24/7 to capture all interactive sessions on the machine. Ideally I would like to run it wrapped in a Windows Service, but all of my efforts to get it running interactively have failed.

The closest I have come is using a Win32 API hack that swaps the process from the Local System desktop to the Default interactive desktop:

    ' Win32 window station and desktop APIs from user32.dll
    Private Declare Function OpenWindowStation Lib "user32.dll" Alias "OpenWindowStationA" (ByVal lpszWinSta As String, ByVal fInherit As Boolean, ByVal dwDesiredAccess As Int32) As Int32
    Private Declare Function OpenDesktop Lib "user32.dll" Alias "OpenDesktopA" (ByVal lpszDesktop As String, ByVal dwFlags As Int32, ByVal fInherit As Boolean, ByVal dwDesiredAccess As Int32) As Int32
    Private Declare Function SetProcessWindowStation Lib "user32.dll" (ByVal hWinSta As Int32) As Int32
    Private Declare Function SetThreadDesktop Lib "user32.dll" (ByVal hDesktop As Int32) As Int32

    ' Attaches the service process to the interactive window station and its Default desktop
    Public Sub MakeServiceInteractive()
        Dim lngDefaultDesktop As Int32
        Dim lngWinSta0 As Int32

        ' &H37F = WINSTA_ALL_ACCESS
        lngWinSta0 = OpenWindowStation("WinSta0", False, &H37F)
        SetProcessWindowStation(lngWinSta0)

        ' &H10000000 = GENERIC_ALL
        lngDefaultDesktop = OpenDesktop("Default", 0, False, &H10000000)
        SetThreadDesktop(lngDefaultDesktop)
    End Sub

    Protected Overrides Sub OnStart(ByVal args() As String)
        ' Switch to the interactive desktop before the login form is created
        MakeServiceInteractive()
        Dim frmLCS As New LoginCapture
    End Sub

Unfortunately, this doesn't quite get it... The application begins running interactively as I start the Windows Service, but when I unlock the computer, the modal Windows form lands on the taskbar with no interactive capability. After 5 minutes, regardless of how much activity there is on the Default interactive desktop, the modal form disappears from the taskbar. The Windows Service continues to run, but nothing else happens.

Obviously, I am not fully "transferring" the process to the Default interactive desktop, so there is no input getting to the application/service.

Has anyone ever accomplished this type of interactivity with a Windows Service? Or can someone recommend a viable alternative to achieve what I'm trying to do?

Thanks in advance for your assistance!
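
The credential check and three-strikes relock described in this post, as an added example that is not the poster's code: it swaps the Notepad.exe launch for a direct `LogonUser` call, so nothing is started under the user's account. The module name `UnlockAudit`, the function `TryUnlock` and the event source `SecondaryAuth` are assumptions, and the event source is assumed to be registered already.

```vbnet
Imports System.Diagnostics
Imports System.Runtime.InteropServices

Public Module UnlockAudit
    Private Const LOGON32_LOGON_INTERACTIVE As Integer = 2
    Private Const LOGON32_PROVIDER_DEFAULT As Integer = 0
    Private Const MaxAttempts As Integer = 3
    Private Const EventSource As String = "SecondaryAuth" ' assumed name, registered beforehand
    Private failures As Integer = 0

    <DllImport("advapi32.dll", SetLastError:=True, CharSet:=CharSet.Unicode)>
    Private Function LogonUser(ByVal user As String, ByVal domain As String,
                               ByVal password As String, ByVal logonType As Integer,
                               ByVal provider As Integer, ByRef token As IntPtr) As Boolean
    End Function

    <DllImport("kernel32.dll", SetLastError:=True)>
    Private Function CloseHandle(ByVal handle As IntPtr) As Boolean
    End Function

    <DllImport("user32.dll", SetLastError:=True)>
    Private Function LockWorkStation() As Boolean
    End Function

    ' Validates the credentials, writes an audit entry either way, and relocks the
    ' workstation after the third consecutive failure. Pass "." as domain for a local account.
    Public Function TryUnlock(ByVal user As String, ByVal domain As String,
                              ByVal password As String) As Boolean
        Dim token As IntPtr = IntPtr.Zero
        If LogonUser(user, domain, password, LOGON32_LOGON_INTERACTIVE,
                     LOGON32_PROVIDER_DEFAULT, token) Then
            CloseHandle(token) ' the token is only proof of a valid logon; release it at once
            failures = 0
            EventLog.WriteEntry(EventSource, "Desktop unlocked by " & domain & "\" & user,
                                EventLogEntryType.SuccessAudit)
            Return True
        End If
        Dim win32Error As Integer = Marshal.GetLastWin32Error()
        failures += 1
        EventLog.WriteEntry(EventSource,
            String.Format("Failed unlock attempt {0} of {1} for {2}\{3} (Win32 error {4})",
                          failures, MaxAttempts, domain, user, win32Error), EventLogEntryType.FailureAudit)
        If failures >= MaxAttempts Then
            failures = 0
            LockWorkStation() ' three strikes: relock the desktop
        End If
        Return False
    End Function
End Module
```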