12,063,006 members (33,433 online)
My article for RDP describes how to manage remote desktop sessions to provide assistance, but this is only for Vista, and lots of users (including myself!) still run XP. Here is the way to establish a remote assistance session without manually calling Help and Support.
My experimental project "Turbo Remote" uses this technique if it detects something less than Windows Vista.
The application that needs to create the "listening" session must perform the following:
IsTSSEnabled(). (These have still to be implemented!)
NetUserSetInfofunctions. The application must disable the account if it was originally disabled. This is implemented with
GetTicket(). The stuff is to:
DWORD) in Software\\Microsoft\\Windows\\CurrentVersion\\ Group Policy Objects\\<X>\\Software\\policies\\Microsoft\\Windows NT\\Terminal Services. If there are keys under "Group Policy Objects", then enumerate it, and select the one that has the word "Machine" in it. If not, just put "LocalMachine". If the key does not exist at all, create it.
#import "HelpServiceInterfaces.tlb" rename_namespace("HSITLB") named_guids\ rename("EOF", "XX_EOF")\ rename("GetUserName", "GetUserName_Renamed")\ rename("EncryptFile", "EncryptFile_Renamed")\ rename("DecryptFile", "DecryptFile_Renamed")\ rename("ULONG_PTR","ULONG_PTR1")
If the above code generates
__missing__type errors (if you do not use ATL) , just replace the
CoCreateInstance(HSITLB::CLSID_PCHService, NULL, CLSCTX_LOCAL_SERVER, __uuidof(HSITLB::IPCHService),(void**)&p);
Note the usage of
IPCHService::raw_RemoteConnectionParms(), providing the username, the computer name, the Terminal Services session ID (
WTSGetActiveConsoleSessionId()), and the blob request, which has the following format:
Replace <PCName> and <Username> with the required values, and <X> with the string length of everything after <X>. For example: "13;UNSOLICITED=122;ID=GATOR\\Administrator". My PC name is GATOR, my user name is Administrator, and the total length of the string "ID=GATOR\Administrator" is 22.
The next thing you must do is to examine the ticket (which is something like that: 65538,1,192.168.1.21:3389;laptop:3389,*, KwRrNVpWH2g1vKfVlQUrJHKcpi8N1XA++9tQ+wnAXyE=,*,*,sdP7Lk3SFAXXcIrKpvLW6IJ8fg=) to replace the port 3389 (which is always placed there!) with the port that the Terminal Services Server is actually running. This port is located at "PortNumber" at HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp.
This is a Unicode file (the BOM header \xFE\xFF must be present) with the following format:
<?xml version="1.0" encoding="Unicode" ?> <UPLOADINFO TYPE="Escalated"> <UPLOADDATA USERNAME="Administrator" RCTICKET="<ticket>" RCTICKETENCRYPTED="0" DtStart="X" DtLength="Y" L="0"/> </UPLOADINFO>
X is the time that the ticket is created (standard UNIX format, use
Y is this time + the length of the ticket. I have not yet found a way to support encrypted tickets.
After you have that file, you can send it via TCP/IP or other methods to the client.
The implementation of the client is simply receiving the msrcincident file and running it with Help and Support through