Windows sessions, window stations and desktops
Original source: http://stackoverflow.com/questions/4686897/
Warning: these are provided under the CC BY-SA 4.0 license. You are free to use/share it, but you must attribute it to the original authors (not me): StackOverFlow
Sessions, Window stations and Desktops
Asked by Confused
Sessions, Window Stations and Desktops.
A session consists of all process and other system objects that represent a single user's logon session. Sessions contain Window Stations and Window Stations contain desktops.
The above is from http://blogs.technet.com/b/askperf/archive/2007/07/24/sessions-desktops-and-windows-stations.aspx
(Similar articles say the same thing, e.g. blogs.technet.com/b/askperf/archive/2007/04/27/application-compatibility-session-0-isolation.aspx and blogs.msdn.com/b/ntdebugging/archive/2007/01/04/desktop-heap-overview.aspx)
I've always understood Sessions and logon sessions to be one and the same thing.
However, reading p. 474, Russinovich and Solomon, Windows Internals, 5th edition, it says (penultimate paragraph):
The CreateProcessWithLogon function also creates a token by creating a new logon session with an initial process, which is how the Runas command launches processes under alternative tokens.
So Runas creates a new logon session. If we use Runas to run Notepad under a different user's credentials we see it appear on the desktop. So Notepad is running on the same desktop as everything else. (This is, as far as I understand it, the default desktop in Window Station Winsta0; the interactive window station.) So what we have now are two logon sessions associated with the same Session (the thing that contains window stations). So Sessions and logon sessions would not appear to be one and the same.
Can anybody confirm this please?
Confused
Answered by P Daddy
There are indeed two types of sessions here. Here's my understanding of how they work.
这里确实有两种类型的会话。这是我对它们如何工作的理解。
A logon session is managed by the Local Security Authority, and manages the scope of a user logon. These are created primarily by the winlogon process, but also secondarily by API functions such as LogonUser, CreateProcessAsUser, and CreateProcessWithLogonW, or by applications that use these functions, such as the runas command.
A logon session isn't tied to any specific Object Manager concepts as window stations and desktops. It's basically just a block of information containing the logon SID and some cached security information about the account. This block of information, this logon session, is what an access token points to.
The other type of session is sometimes called a Terminal Services session, Terminal Server session, Remote Desktop session, logon session (as confusing as that is), user logon session, or user session. Usually, though, it's just called a "session", without further qualification.
This is the type of session that you'll usually hear about, and is what window stations belong to. This type of session came about to support multiple interactive GUI logons, as provided by Terminal Services (now known as Remote Desktop), and is now also used to support Fast User Switching. Sessions provide the necessary isolation between the Object Manager objects associated with each user logon.
I don't spend much time messing with all this stuff, so I'm a little fuzzy on some of the details, but I think this is a pretty fair representation of the overall picture. I hope it clears things up a bit.
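The distinction discussed above can be observed directly. The following PowerShell is an added example, not part of the original question or answer: it lists, for each Terminal Services session ID, the LSA logon sessions whose processes run in it, using the WMI classes Win32_LogonSession and Win32_SessionProcess. Run it elevated to see logon sessions other than your own.

```powershell
# Added example: correlate LSA logon sessions with Terminal Services sessions.
# Win32_LogonSession.LogonId is the logon session LUID that access tokens point to;
# Win32_Process.SessionId is the session that owns window stations and desktops.

$rows = foreach ($logon in Get-CimInstance -ClassName Win32_LogonSession) {
    # Win32_SessionProcess associates a logon session with the processes
    # whose tokens reference it. Logon sessions with no processes yield nothing.
    $procs = Get-CimAssociatedInstance -InputObject $logon `
                 -Association Win32_SessionProcess -ErrorAction SilentlyContinue
    foreach ($p in $procs) {
        [pscustomobject]@{
            SessionId = $p.SessionId                            # Terminal Services session
            LogonId   = '0x{0:X}' -f [uint64]$logon.LogonId     # LSA logon session
            LogonType = $logon.LogonType                        # e.g. 2 = interactive
            Process   = $p.Name
            ProcessId = $p.ProcessId
        }
    }
}

# One row per Terminal Services session, showing how many distinct
# logon sessions have processes running inside it.
$rows | Group-Object -Property SessionId | ForEach-Object {
    $ids = @($_.Group.LogonId | Sort-Object -Unique)
    [pscustomobject]@{
        SessionId         = [int]$_.Name
        LogonSessionCount = $ids.Count
        LogonIds          = $ids -join ', '
    }
} | Sort-Object -Property SessionId | Format-Table -AutoSize

# Per-process detail for the session this script runs in, so a process
# started with runas shows up with its own LogonId next to the others.
$mySession = (Get-Process -Id $PID).SessionId
$rows | Where-Object { $_.SessionId -eq $mySession } |
    Sort-Object -Property LogonId, Process |
    Format-Table -Property SessionId, LogonId, LogonType, ProcessId, Process -AutoSize
```

After starting Notepad with runas as described in the question, the second table shows that process with the same SessionId as the rest of the desktop but a different LogonId.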