I am creating a utility that runs as a service and starts applications. As long as I log in as an admin and start the service it will run the applications. I log out and the service (and applications) continue to run. But, if another user logs in with different credentials they cannot access the front end GUI of the applications started by the service utility.
I was wondering if there is a built in account which I could use that may solve the issue? Or if anyone has any ideas or insight in the matter?
Windows Services can only be set to "interactive" when run in the system account. Notice the placement of the "Allow service to interact with desktop" checkbox on the Log On tab when configuring the service (via the Control Panel Services application).
Beyond that, are the other users logging in via RDP? Run mstsc with the "/admin" flag to ensure that they are going to Session 0 where the service will display its windows.
And finally, beware interactive services! You are probably on Windows XP or 2003 which is why it kind-of works, but Windows Vista, 7 and 2008 behave very differently (search for "Session 0 isolation").
Related
I have deployd an Asp.Net MVC application to an app service in azure and scaled it out to 2 instances.
Sometimes I need to restart an instance, but I only find a way to restart the whole web app. Is there a way to restart one instance only? Even removing the instance and then creating a new one would work for me.
There is no super clean way to do this, but it is still possible to achieve with the following steps:
Go to the Web App in the portal
Choose Process Explorer from Tools menu
You'll see processes for all instances. You can right click on specific w3wp's and kill them, which effectively restarts the site. You don't have to kill the Kudu process (the one with the K icon) if you only want to restart the site. For WebJobs, kill Kudu as well.
You can now restart an instance of an App Service Plan from the App Service Plans - Reboot Worker page in the Azure docs. You can restart the instance directly from that page using the 'Try it' feature.
Visit the Reboot Worker page
Login using an account from the Azure tenant containing the App Service Plan
Click 'Try it'
In the right hand pane enter the Name of the App Service plan and the resource group which contains the plan
Select the Azure subscription which contains the App Service plan
Enter the name of the work machine (instance) you wish to restart. This value typically starts with RD and may be found using the metric and diagnostic tools for the Web App in the Azure Portal.
Click the green Run button at the below the request preview.
If you are using App Services then, unfortunately, this is not possible. You can only update the no. of instances.
But as an alternative, you can decrease the number of instances and then increase back again. Or if you want more granular control, for any reason, then you can deploy the web app in IaaS Virtual Machine workloads and setup instances manually.
At the time of this posting, there is a Health Check (Preview) feature mentioned in the Azure Portal under the "Diagnose and solve problems -> Best Practices" blade for an App Service.
Health Check feature automatically removes a faulty instance from rotation, thus improving availability.
This feature will ping the specified health check path on all instances of your webapp every 2 minutes. If an instance does not respond within 10 minutes (5 pings), the instance is determined to be unhealthy and our service will stop routing requests to it.
It is highly recommended for production apps to utilize this feature and minimize any potential downtime caused due to a faulty instance.
Note : Health Check feature only works for applications that are hosted on more than one instance. For more information check the documentation below.
You can restart individual instances using "Advanced Application Restart", which you can find under diagnostic tools for your App Service in the Azure Portal.
I have a Delphi application running in a server. This application do some critical work with my DB which is used in other applications and executes when a user logs in to Windows. It all is working fine, but, turns out the server's administrator sometimes reboot the server and does not log in to Windows. The server stays in Windows Login and my application doesn't start.
After a small research I decided to create a Windows Service to start my application even before a user logs in Windows. But, I have two forms. One form shows the Current Process that my application is executing and the other one edite a .ini file that its used to configure the first form.
What I need to be done is to create a service that starts my application before a user logs in Windows and after logging in, show my forms or open it but minimize it to System Tray.
Is it possible to use Windows Service with this behavior and minimize my forms to the System Tray?
A service cannot display a UI at all (including a System Tray icon) in Vista onwards, and it is discouraged in earlier versions. In all versions of Windows, you should be separating the UI out into its own non-service application that can be run by a logged-in user, manages the system tray icon for that user's tray, and communicates with the backend service as needed using any number of available IPC mechanisms (pipes, sockets, COM, RPC, WCF, etc).
Well, you can have a form in a service, but is has to run as Administrator and must be set up as an interactive service.
I've used SVCOM to create nice services with tray icons and a form that can minimize to system tray.
Have a look here: http://www.aldyn.ru/products/index.html
Hope this helps
Why the option ‘Allow service to interact with desktop’ is only available for Local System account and not for any other account while configuring a windows service from control panel? I want to configure the windows service so as to allow interaction with desktop irrespective of the account it is configured to run with. How to achieve it?
that is a good question! I have never seen an official explanation from Microsoft, but I would guess that the reason has to do with permissions and rights and not wanting to mislead users.
Not all users are created equal. Some do not have the rights to display a user interface on session 0, or interact fully with arbitrary programs (and resources) it is running alongside. Having those users able to show GUI elements from a service may lead to confusion. For example, if a user account having limited rights starts an instance of Windows Explorer as a service, that window may not be able to accept dropped files from a "regular" explorer started by the interactive user. This sort of thing may be very difficult to diagnose and explain!
Note that Windows can certainly do what you like and we code it all the time in our service applications (http://www.CoreTechnologies.com/). Windows is simply not making that option available to you for any arbitrary user.
Of course please please take a step back and beware changes in Vista. "Session 0 Isolation" is a game changer for interactive Windows Services!
I created a Windows service and installed into users machine.
That windows service is very important and I do not want to user can change its startup type to "disable".
It seems "Plug and Play" service can disable the Startup drop-down listbox.
How can I make same behavior for my windows service?
I would imagine it has to do with setting the appropriate permissions on the registry key. But a user with sufficient permissions can do anything. If this is for a business application, I would try to stick to using group policy or user permissions. If this is for a commercial application then I would expect a lot of upset users and malware detection.
I've build a Windows service that allows a user to choose a DSN and the service will access it and peform tasks on it. The code works without error when running under a test command line application, and fails when running as the actual Windows Service.
My question is, are Windows Services not allowed to access User DSN? Is there any way to still allow users the ability to create and configure DSNs for the service to use?
check What are the access restrictions on accessing a DSN