Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Isolated Named Pipes in Terminal Server Sessions

If my application starts, I check first if there is already an instance of the app and if yes, I give focus to the running instance and terminate the newly created process. I make this with a named pipe that is registered through WCF. That works fine so far.

Now my app will also be used in a terminal server environment. Is it right that named pipes are system wide, so that I must change the startup logic to not give focus to instances of other users (what certainly not will work but break my application) or does Terminal Server (2003R2) isolate WCF-Bindings for each TS-session?

I cannot access the productive environment yet, that’s why I post this question. Maybe someone can give me an answer to this question?

Update

Through another post I did concerning the app startup, I learned that there is a more convenient way to manage the single application startup using a Mutex, which can be used system wide or on a terminal session basis.

The question however is open anyhow and perhaps someone that has good WCF –knowledge can answer it. It would be interesting.

like image 545
HCL Avatar asked Jul 09 '10 07:07

HCL


2 Answers

Named pipes are system-wide. There is no "Global" or "Local" prefix like there is for other kernel object types.

This is because named pipes are used as part of a network resource, e.g., myComputer\pipename. The objects that get "Global" and "Local" prefixes (events, semaphores, mutexes, timers, file mappings, and jobs) are scoped to the computer and cannot be accessed by another computer.

like image 66
Stephen Cleary Avatar answered Nov 08 '22 22:11

Stephen Cleary


This article explains how to restrict named pipes to a single session of terminal server: https://msdn.microsoft.com/en-us/library/windows/desktop/aa365600(v=vs.85).aspx

To prevent remote users or users on a different terminal services session from accessing a named pipe, use the logon SID on the DACL for the pipe. The logon SID is used in run-as logons as well; it is the SID used to protect the per-session object namespace. For more information, see Getting the Logon SID in C++. https://msdn.microsoft.com/en-us/library/windows/desktop/aa446670(v=vs.85).aspx

like image 2
Arthur Barrett Avatar answered Nov 08 '22 22:11

Arthur Barrett