question

AnshulMittal-2591 avatar image
0 Votes"
AnshulMittal-2591 asked AnshulMittal-2591 answered

COM Singleton and terminal server

I have a COM Singleton exe which always runs as administrator. It is responsible to start other COM servers for each user based on which user requests to start the COM server. (eg. If user 1 requests COM singleton to start COM server then the COM server is started as user 1(in task manager)). This works absolutely fine in remote desktop services. But in terminal server this functionality breaks.

In terminal server if user 1 requests to start COM server then COM server is started as User 1. After user 1 if any other user requests to start COM server it gets started as user 1 instead of the user requesting to start com server.

This is a critical issue and any help is appreciated.

c++windows-api-general
· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Please don't repeat the question on the platform, you'd better show a minimal, reproducible sample without private information? This can help us determine whether this is the problem caused by the API. Thank you.

0 Votes 0 ·

I was able to narrow down issue in my program. My program reads explorer.exe to get the current user context (username) which is initiating the COM exe.

In normal remote desktop services the explorer.exe belonging to only current user is visible so the COM exe is started as correct user.

In terminal server the explorer.exe of both current user and other users is visible due to which software reads the explorer.exe of other user and launches COM server as different user.

Is there any way to correct this in terminal services? Why is explorer.exe of other users visible in terminal server users? Is there any setting or way to prevent this?

wstring wsProcessName = L"explorer";
DWORD pid = GetProcessPid(wsProcessName.c_str());
HANDLE hProcessToken = GetProcessAccessToken(pid);

and more processing on the pid of explorer.exe which i cannot share on portal.


0 Votes 0 ·

HANDLE hProc = OpenProcess(PROCESS_QUERY_INFORMATION, false, pid);
OpenProcessToken(hProc, access, &hTok) == FALSE

0 Votes 0 ·
GuidoFranzke avatar image
0 Votes"
GuidoFranzke answered
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AnshulMittal-2591 avatar image
0 Votes"
AnshulMittal-2591 answered

I have narrowed down my question even more. The issue is that the COM server exe1 is singleton which initiates another COM server exe2. It is not able to detect interactive user correctly. Example if User2 is requesting exe1 to initiate exe2 the interactive user should be User2 and exe2 should be initiated as User2, but it is being initiated as User1 because exe1 identified interactive user incorrectly.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.