How to launch a program to the WinSta0\\Winlogon desktop from service RRS feed

  • Question

  • Hi Guys,

    My goal is to run a program before user even log on to system in vista. Here are couple of links i have already went through. These codes are working fine when ever we are dealing with WinSta0\\default desktop when user is log on but my requirements are different.




    Steps that wosks fine
    1. Get the Active Console SessionId using WTSGetActiveConsoleSessionId
    2. Since I need to launch the application under a system account, I use the token from Winlogon, since Winlogon runs under the system account. So I obtain the process ID of Winlogon and Duplicate the token.
    3. Then I make sure I sent the startupinfo parameter lpDesktop to winsta0\Default since I need to launch my process there.
    4. Then I use CreateProcessAsUser with Winlogon's duplicate token to launch my process into session 1.
    5. That's all. I am done.
    I got this working on Vista but I would like to launch a progrma to the WinSta0\\Winlogon desktop. Anyone have any ideas? When I change the desktop to WinSta0\\Winlogon the application does not appear on the logon screen. However, when I run the program on XP it works.

    Vista must have the Winlogon Desktop permissions set differently, I added "SeTcbPrivilege" but that did no good. Also, if I look at taskmgr I see the program started along with CreateProcessAsUser not returning any errors. It appears to work, just cannot see the application on the WinSta0\\Winlogon desktop. Anyone have any ideas?
    Wednesday, December 5, 2007 5:28 PM

All replies

  • Hi Guys,

    Still waiting for the right answer. I know this is possible as Real VNC is doing it in there Personal Edition right now.
    Friday, December 7, 2007 10:35 PM
  • Hi.

    If you have managed to do this then I would really like to know also.
    I have this working under XP via several methods, but none of them work under Vista. Sad

    Thursday, March 6, 2008 3:58 PM
  • I would like an answer too, because we have an application that monitors the installation progress during

    unattend installation without anyone logged on.


    Program runs with SYSTEM priveleges, and uses the Createprocess API with WinSta0\\Winlogon param.



    Thank you in advance.

    Wednesday, March 19, 2008 10:08 PM
  • It works! with vista !!

    1. WTSGetActiveConsoleSessionId();
    2. WTSQueryUserToken() for winlogon.exe winlogon pid
    3. DuplicateTokenEx ()
    4. AdjustTokenPrivileges ()
    5. CreateProcessAsUser () lpDesktop to Winsta0\Winlogon

    Fire the executable via taskscheduler (schtasks.exe) with SYSTEM priveleges.

    Muhahahaha , and then if you dont see youre app in the winlogon desktop, try hitting ALT+TAB .... in the winlogon desktop.

    I hope microsoft keeps this entry point for showing things on the secure desktop, cause we use it to show the unattended installation progress, I think the secure desktop should stay accessible in future releases.

    (btw, I did not test it with FUS Fast User Switching, It worked with a domain account setting, this means Fast User Switching is not enabled).

    Much appreciated,

    Thursday, April 3, 2008 10:19 PM
  •  mon11 wrote:

    (btw, I did not test it with FUS Fast User Switching, It worked with a domain account setting, this means Fast User Switching is not enabled).


    Fast User Switching is enabled for domain accounts in Vista by default, so that's not necessarily true.

    Friday, April 4, 2008 3:21 PM
  • AndyCadley,


    You are right, I tested it, it works also with FUS.

    Sunday, April 6, 2008 7:47 PM
  • Hi,

    I have a problem similar to this.

    I wanted to try the steps you have mentioned, but the WtsApi32.h present in my system

    does not support the WTSGetActiveConsoleSessionId() API. I am using WindowsSDK V6.0.

    Can you please let me know the right header file or the right version of SDK which has the

    above mentioned API?





    Friday, April 11, 2008 8:44 AM
  • Please, can you provide more details e.g. source code for the sequence 1-5?  I am calling each method in sequence but cannot acheive result of getting my application running and displaying on the Vista logon.


    • Proposed as answer by DHoelting Tuesday, May 19, 2009 4:45 PM
    Tuesday, April 22, 2008 9:01 PM
  • I'm trying to do the same thing.  I understand everything except for the WTSQueryUserToken for winlogon.exe.  What is that?
    Tuesday, May 19, 2009 4:46 PM
  • C++:




    I was able to create a process in the WinLogon Desktop. However, I use a form just to receive messages. I don't know if it is possible to display something.


    Tuesday, May 10, 2011 1:15 PM
  • Hi RonakPPatel

    I want to create a process when no body is logged in the system in windows XP(user just booted the system and he is in window login screen).

    In your question you mentioned  "when I run the program on XP it works" you are getting output in XP.

    Please assist me on this.

    Thanks in advance



    Wednesday, February 13, 2013 6:32 PM
  • You can test it this way (on XP):

    - Download MR's PsExec and make it accesible to Command Prompt.

    - Open cmd.exe and type

    psexec -accepteula -x -d cmd

    Psexec should inform you that the process has been started and its process ID.

    - Press Alt-Ctrl-Del. You should have a nice Command Prompt besides "Windows Security".

    Friday, September 6, 2013 8:11 AM