I'm looking for the best way to ensure that a specific application runs continuously on a Windows machine for standard (non-admin) users. I need it to be visible in their session (not just a background service) and prevent them from stopping, killing, or uninstalling it unless they have admin rights. Additionally, it should restart automatically after a reboot or if it gets closed. I'm not looking for a workaround; I want to know the proper architecture for this setup, especially since I've tried running it as a service but that puts it in Session 0, which is not ideal for UI. Any expert advice would be great!
2 Answers
Yeah, Windows has definitely made it trickier than it should be. If you have access to the source code of your app, you might have a few options. One idea is to use Windows kiosk mode since it's designed for these scenarios, but I know it’s limited mostly to UWP or browser apps in Windows 11. If your app is Win32, consider a startup script that launches it under a different user account with limited admin permissions. That way, standard users can't close it. Each situation might require a bit of a customized approach, though, depending on your setup.
If you control the app's source code and are working with a Win32 app, you're in a pretty good position. You mentioned the need to monitor user processes and load DLLs, which means keeping it in the same user session is essential for visibility. However, I hear you about the struggle against users killing the process. Finding the right balance is key here. Have you thought about leveraging something like PowerShell with the Kiosk Shell Launcher? It might help you create a more secure setup while maintaining that necessary oversight.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures