driver for wts session

Hi all,

I want to write a driver for Windows 2003 Server.
When the remote user logs in, this driver will be loaded.
Does anyone know how to do this?

Thanks for any reply!


Jack Niu Niu

Kernel code runs independent of sessions. What are you trying to do?


Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply


I want to make my device usable only by the logged-in user, not by others.


Jack Niu Niu

There can be many logged in users at a time. There can be more than one
console session running at a time. Typically the way to implement this
is to load the driver and install an NT service which listens for
session notifications. The service acts as a proxy to the device, all
i/o goes through the service to the device. The service can then
selectively allow access to the device based on session state.

d

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Jack Niu Niu
Sent: Tuesday, January 03, 2006 6:47 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] driver for wts session

I want to make my device usable only by the logged-in user, not by others.


Jack Niu Niu


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Yes, your idea is very good, but if the driver is for something such as a serial port, after
loading it, a name such as “COM1:” will be accessible to all users. How can I
make the name accessible only to the logged-in user?


Jack Niu Niu

Simply deny access in the create IRP handler for other users based on the process session/logon ID. Symbolic links such as COM1 have nothing to do with real access, and they can be created from user mode (DefineDosDevice), so trying to limit them is useless.

Best regards,

Michal Vodicka
UPEK, Inc.
[xxxxx@upek.com, http://www.upek.com]


From: xxxxx@lists.osr.com[SMTP:xxxxx@lists.osr.com] on behalf of Jack Niu Niu[SMTP:xxxxx@gmail.com]
Reply To: Windows System Software Devs Interest List
Sent: Wednesday, January 04, 2006 4:45 AM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] driver for wts session

Yes, your idea is very good, but if the driver is for something such as a serial port, after
loading it, a name such as “COM1:” will be accessible to all users. How can I
make the name accessible only to the logged-in user?


Jack Niu Niu

You can’t.

d

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Jack Niu Niu
Sent: Tuesday, January 03, 2006 7:46 PM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] driver for wts session

Yes, your idea is very good, but if the driver is for something such as a serial port, after
loading it, a name such as “COM1:” will be accessible to all users. How can I
make the name accessible only to the logged-in user?


Jack Niu Niu



Drivers are not session specific. You can probably check TokenSessionId in
IRP_MJ_CREATE, but what if the device HANDLE is duplicated to another process
that belongs to another session?

best regards,
Lu Lin
TTC senior engineer
http://ttcone.com
Inside Programming
http://lu0.126.com
----- Original Message -----
From: “Jack Niu Niu”
To: “Windows System Software Devs Interest List”
Sent: Wednesday, January 04, 2006 10:47 AM
Subject: [ntdev] driver for wts session

>
> I want to make my device usable only by the logged-in user, not by others.
>
> –
> Jack Niu Niu
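
The trade-off raised so far in the thread (a session check in the create handler, the duplicated-handle objection, and the service-proxy design) can be modeled in portable C. This is an added illustration, not code from any poster and not Windows driver code: every function name, the "first logon owns the device" policy and the session numbers are assumptions; only the two event values match WTS_SESSION_LOGON and WTS_SESSION_LOGOFF.

```c
/* Portable model for illustration only; not Windows or driver code.
   All names and the ownership policy are hypothetical. */
#include <stdbool.h>
#include <stdio.h>

#define EV_SESSION_LOGON  0x5          /* same value as WTS_SESSION_LOGON  */
#define EV_SESSION_LOGOFF 0x6          /* same value as WTS_SESSION_LOGOFF */
#define NO_SESSION 0xFFFFFFFFu

static unsigned g_owner = NO_SESSION;  /* session allowed to use the device */

/* Service side: called for each session-change notification. */
void on_session_change(unsigned event, unsigned session_id) {
    if (event == EV_SESSION_LOGON && g_owner == NO_SESSION)
        g_owner = session_id;          /* assumed policy: first logon owns it */
    else if (event == EV_SESSION_LOGOFF && g_owner == session_id)
        g_owner = NO_SESSION;          /* owner logged off: revoke */
}

/* Design A: session check in the create handler only. */
typedef struct { bool open; } dev_handle;

dev_handle driver_create(unsigned opener_session) {
    dev_handle h = { opener_session == g_owner };
    return h;
}

/* Later I/O on the handle: the model never re-checks the caller. */
bool driver_io(const dev_handle *h, unsigned caller_session) {
    (void)caller_session;
    return h->open;
}

/* Design B: the service proxy checks every request against current state. */
bool proxy_io(unsigned caller_session) {
    return g_owner != NO_SESSION && caller_session == g_owner;
}

int main(void) {
    on_session_change(EV_SESSION_LOGON, 2);
    dev_handle h = driver_create(2);   /* legitimate open in session 2 */
    printf("handle duplicated into session 3: A=%d B=%d\n",
           driver_io(&h, 3), proxy_io(3));
    on_session_change(EV_SESSION_LOGOFF, 2);
    printf("after session 2 logs off:         A=%d B=%d\n",
           driver_io(&h, 2), proxy_io(2));
    return 0;
}
```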

If we cannot do it, how about MS?

When we use the RDP client and select to redirect the serial port, after
logging in, we can see COM1: in our session only; the device cannot
be accessed by other sessions.


Jack Niu Niu

You would create the symbolic link in \DosDevices for the current TS
session, see the DDK topic “Local and Global MS-DOS Device Names” for a
starting point. Note that this does not make the device exclusive to
the TS session, just that a DOS name exists in that session. Like Mark
Roddy said, any app in any session can create its own DOS symbolic link
with DefineDosDevice().

d

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Jack Niu Niu
Sent: Tuesday, January 03, 2006 9:11 PM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] driver for wts session

If we cannot do it, how about MS?

When we use the RDP client and select to redirect the serial port, after
logging in, we can see COM1: in our session only; the device cannot
be accessed by other sessions.


Jack Niu Niu



Can’t the ACL for the device be changed?

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Doron Holan
Sent: Tuesday, January 03, 2006 10:57 PM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] driver for wts session

You can’t.

d


The functions to manipulate ACLs are only in the IFS kit, not the DDK so
this is not a generally available solution. I don’t think there is an
ACL for the “currently logged on user”, but even if there were, an admin
in another session can take ownership of the security on the device and
change it.

d

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Arlie Davis
Sent: Wednesday, January 04, 2006 8:10 AM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] driver for wts session

Can’t the ACL for the device be changed?


Arlie Davis wrote:

Can’t the ACL for the device be changed?

The ACL assigns access based on user name. The same user can be logged
in multiple times.


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

Each interactive logon has its logon ID as a pseudo-group in its token. This
is used to assign ACLs to desktops and WinStas.

Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

----- Original Message -----
From: “Doron Holan”
To: “Windows System Software Devs Interest List”
Sent: Wednesday, January 04, 2006 7:56 PM
Subject: RE: [ntdev] driver for wts session

The functions to manipulate ACLs are only in the IFS kit, not the DDK so
this is not a generally available solution. I don’t think there is an
ACL for the “currently logged on user”, but even if there were, an admin
in another session can take ownership of the security on the device and
change it.

d
