1
votes

I'm using QWINSTA.EXE to get the session/user list from a terminal server on our network (my computer is Windows 7 Pro, the TS is Windows Server 2003). I pipe the output of this function to a text file and then process the text file to get the info I need. If there is a better way, please forgive and skip my long winded post and point me in the right direction.

My problem is that neither ShellExecute() nor ShellExecuteEx() allow me to even execute the program without first having elevated privileges. If you go to a un-elevated command prompt you won't even see the EXE in a directory listing (no hidden attribute, either). Use a "run as administrator" command prompt and you can see/use it just fine. You can see it from Windows Explorer in any event.

I poked around a bit and found this gem: RunFileAsAdminWait() that does not work if I try to call QWINSTA.EXE directly (it fails with the error message: System Error. Code: 2. The system cannot find the file specified.). If I wrap everything up into a batch file and use RunFileAsAdminWait() on the batch file then it seems to work fine.

I know of, but have not used, WTSEnumerateSessions(). I have not been able to find much information on it other than the MSDN link I just linked to. Anyone know of a decent chunk of reference code for using that API from Delphi? It's not available in the Windows unit of Delphi 2007.

Questions:

  1. Is there another/better way to execute an EXE that requires Administrator rights to even access? Or is that even what is going on here?

  2. Is there a better way to get the list of active sessions on a terminal server, especially one that does not require elevated privileges?

  3. If I'm stuck using this method, am I doing it "the right way"?

Thank you for any help you can offer!

1
Let me see if I have this straight. You want to run an process that requires elevation without provoking a UAC dialog. The only way to do that is to start your process elevated so that the processes that it starts inherit that elevated token.David Heffernan
@David - I probably should have left #1 out of this, but it was the first time I had run into a situation where a file could be seen from explorer but not be found when using ShellExecute() or even viewed from a non-elevated command prompt. I wasn't sure if I was doing something wrong from the start that was causing the need for UAC.Jerry Gagnon

1 Answers

6
votes

Instead of pipe the result of the QWINSTA.EXE you must use the Remote Desktop Services API Functions for a delphi translation of this API check the JwsclTerminalServer unit which is part of the JEDI Windows Security Code Library (JWSCL). in your case for enumerate the terminal server seesion you can use the TJwTerminalServer.EnumerateSessions method.