MeshCentral icon indicating copy to clipboard operation
MeshCentral copied to clipboard

Published 20 hours ago verified publisher icon Ylianst

Secure desktop issues on windows 10

Open deajan opened this issue 3 years ago • 13 comments

Hello,

Using meshcentral 0.9.16 installed as service, I noticed that I loose desktop control when the local computer requests secure desktop.

Steps to reproduce using KeyPass:

  1. Install keyPass 2.4x
  2. Open Tools > Security > check "Enter master key on secure desktop"
  3. Create a new password DB
  4. Close KeyPass
  5. Open KeyPass
  6. Open created password DB
  7. Lost remote access

This happens on Windows 10 20H2, also happened on 1903, probably on others. Hope you guys can plumb something so meshcentral stays in control when this happens.

Best regards.

deajan avatar Sep 27 '21 20:09 deajan

@deajan I encountered this problem with KeePass as well earlier today. It turns out that you can close the Secure Desktop prompt by simply pressing ESC.

ghost avatar Sep 28 '21 20:09 ghost

Good to know ;) Nevertheless, this might happen with other secure desktop apps which might not be usable. I'll try the same with my other remote control tomorrow to see whether it works.

deajan avatar Sep 28 '21 20:09 deajan

Wow, really forgot to update this one ;( Today, I've tried again opening KeePass via meshcentral 0.9.61 with the agent installed as service. Once again, the screen turned black, whereas I was able to interact with the secure desktop using SimpleHelp 5.3 remote control software on the same computer (also installed as service).

Hope you guys can find some time to investigate those issues.

deajan avatar Jan 04 '22 22:01 deajan

Try this: Go to the console tab, and type: uac interactive Then connect the desktop, and see if your usage works... You can change it back by typing: uac secure

krayon007 avatar Jan 04 '22 23:01 krayon007

Also, when you connect the desktop, are you connected to the local desktop, or an RDP session? Normally, I've seen the secure desktop is remoted fine, if you are connecting the desktop to the local desktop, but not an RDP session. For that scenario, I added the uac command to the console tab.

krayon007 avatar Jan 04 '22 23:01 krayon007

I've tried the command in console tab, then reconnected to the desktop. It doesn't do any difference. Notice that usual UAC elevation prompt work (eg elevate CMD.exe).

I've also checked whether I did the right command

> uac get
UAC mode: Interactive Desktop

I am connecting to a console of a Windows 10 Pro x64 20H2 computer, which is my main workstation. I don't have any RDP sessions on that one. Anything I can add to the diag ?

deajan avatar Jan 05 '22 16:01 deajan

That's very interesting. The UAC prompt normally uses the secure desktop, so if that works, it wierd that the keypass thing doesn't. I'll have to look into this scenario.

krayon007 avatar Jan 05 '22 19:01 krayon007

any news ?

deajan avatar Apr 06 '22 20:04 deajan

Not yet. I'll retest this when I finish the remote desktop overhaul on windows.

krayon007 avatar Apr 06 '22 21:04 krayon007

Thanks for the answer, I'll stay tuned, and willing to conduct tests ;)

deajan avatar Apr 06 '22 21:04 deajan

Any update on this?

JSuenram avatar Jun 02 '22 07:06 JSuenram

Not yet. But so far I am working on the screen capture aspect using the desktop duplication API. It's still using SendInput for remote injection. So in order for secure desktop to work while not running as Local system, I'll have to see if there is a remote injection API as part of desktop duplication.

Otherwise, it will still need to have a temporary service started to spawn a LocalSystem process.

krayon007 avatar Jun 02 '22 08:06 krayon007

Issue seems resolved since v1.0.6x series for me. Thanks.

deajan avatar Sep 03 '22 16:09 deajan