Содержание

Практическое руководство. Назначение службам контекста безопасности How to: Specify the Security Context for Services
Назначение службам контекста безопасности To specify the security context for a service
How to: Specify the Security Context for Services
To specify the security context for a service
Store Context Class
Definition
Windows 10 requirements
Remarks
Version history
Properties
Methods
Events

Практическое руководство. Назначение службам контекста безопасности How to: Specify the Security Context for Services

По умолчанию службы работают в контексте безопасности, отличном от того, в котором работает вошедший в систему пользователь. By default, services run in a different security context than that of the logged-in user. Службы работают в контексте стандартной системной учетной записи с именем LocalSystem . Она дает им другие права на доступ к системным ресурсам (не такие, как у пользователя). Services run in the context of the default system account, called LocalSystem , which gives them different access privileges to system resources than the user. Эту ситуацию можно изменить, указав другую учетную запись пользователя, под которой будет работать служба. You can change this behavior to specify a different user account under which your service should run.

Чтобы задать контекст безопасности, для процесса, в котором выполняется служба, нужно изменить свойство Account. You set the security context by manipulating the Account property for the process within which the service runs. Это свойство позволяет задать для службы один из четырех типов учетных записей. This property allows you to set the service to one of four account types:

User . Система запрашивает действительное имя пользователя и пароль, когда служба устанавливается и запускается в контексте учетной записи, указанной одним пользователем по сети. User , which causes the system to prompt for a valid user name and password when the service is installed and runs in the context of an account specified by a single user on the network;

LocalService . Выполняется в контексте учетной записи, которая аналогична учетной записи непривилегированного пользователя локального компьютера. Удаленным серверам при этом передаются учетные данные анонимного пользователя. LocalService , which runs in the context of an account that acts as a non-privileged user on the local computer, and presents anonymous credentials to any remote server;

LocalSystem . Выполняется в контексте учетной записи, которая предоставляет широкие локальные привилегии. Удаленным серверам при этом передаются учетные данные компьютера. LocalSystem , which runs in the context of an account that provides extensive local privileges, and presents the computer’s credentials to any remote server;

NetworkService . Выполняется в контексте учетной записи, которая аналогична учетной записи непривилегированного пользователя локального компьютера. Удаленным серверам при этом передаются учетные данные компьютера. NetworkService , which runs in the context of an account that acts as a non-privileged user on the local computer, and presents the computer’s credentials to any remote server.

Дополнительные сведения см. в описании перечисления ServiceAccount. For more information, see the ServiceAccount enumeration.

Назначение службам контекста безопасности To specify the security context for a service

Создав службу, добавьте для нее необходимые установщики. After creating your service, add the necessary installers for it. Дополнительные сведения см. в разделе Практическое руководство. Добавление установщиков в приложение-службу. For more information, see How to: Add Installers to Your Service Application.

В конструкторе откройте класс ProjectInstaller и щелкните установщик процессов службы, с которой вы работаете. In the designer, access the ProjectInstaller class and click the service process installer for the service you are working with.

В классе ProjectInstaller для каждого приложения-службы есть по крайней мере два компонента установки: установщик процессов для всех служб в проекте и установщик для каждой службы приложения. For every service application, there are at least two installation components in the ProjectInstaller class — one that installs the processes for all services in the project, and one installer for each service the application contains. Сейчас вам нужно выбрать ServiceProcessInstaller. In this instance, you want to select ServiceProcessInstaller.

Читайте также: Celeron e3400 windows 10

В окне Свойства задайте для свойства Account соответствующее значение. In the Properties window, set the Account to the appropriate value.

How to: Specify the Security Context for Services

By default, services run in a different security context than that of the logged-in user. Services run in the context of the default system account, called LocalSystem , which gives them different access privileges to system resources than the user. You can change this behavior to specify a different user account under which your service should run.

You set the security context by manipulating the Account property for the process within which the service runs. This property allows you to set the service to one of four account types:

User , which causes the system to prompt for a valid user name and password when the service is installed and runs in the context of an account specified by a single user on the network;

LocalService , which runs in the context of an account that acts as a non-privileged user on the local computer, and presents anonymous credentials to any remote server;

LocalSystem , which runs in the context of an account that provides extensive local privileges, and presents the computer’s credentials to any remote server;

NetworkService , which runs in the context of an account that acts as a non-privileged user on the local computer, and presents the computer’s credentials to any remote server.

For more information, see the ServiceAccount enumeration.

To specify the security context for a service

After creating your service, add the necessary installers for it. For more information, see How to: Add Installers to Your Service Application.

In the designer, access the ProjectInstaller class and click the service process installer for the service you are working with.

For every service application, there are at least two installation components in the ProjectInstaller class вЂ” one that installs the processes for all services in the project, and one installer for each service the application contains. In this instance, you want to select ServiceProcessInstaller.

In the Properties window, set the Account to the appropriate value.

Store Context Class

Definition

Provides members you can use to access and manage Microsoft Store-related data for the current app. For example, you can use members of this class to get Microsoft Store listing and license info for the current app, purchase the current app or products that are offered by the app, or download and install package updates for the app.

Windows 10 requirements

Remarks

This class and the rest of the Windows.Services.Store namespace was introduced in Windows 10, version 1607. This class can only be used in projects that target Windows 10 Anniversary Edition (10.0; Build 14393) or a later release in Visual Studio. If your project targets an earlier version of Windows 10, you must use the Windows.ApplicationModel.Store namespace instead of the Windows.Services.Store namespace. For more information, see In-app purchases and trials.

The StoreContext class is the main entry point to the Windows.Services.Store namespace. Use members of this class to perform tasks such as getting Microsoft Store listing and license info for the current app, purchasing the current app or add-ons that are offered by the app, or downloading and installing package updates for the app. Other classes and types in this namespace represent items such as add-ons for the app, licenses for the app and its add-ons, and Microsoft Store listing info for the app.

To get a StoreContext object, use one of these static methods:

GetDefault: Use this method in single-user apps (that is, apps that run only in the context of the user that launched the app). This method gets a StoreContext object that you can use to access and manage Microsoft Store-related data for the user. Most Universal Windows Platform (UWP) apps are single-user apps.

GetForUser: Use this method in multi-user apps. This method gets a StoreContext object that you can use to access and manage Microsoft Store-related data for a specific user. For more information about multi-user apps, see Introduction to multi-user applications.

In a Windows desktop application that uses the Desktop Bridge, you must add some additional code to configure the StoreContext object before your app can use this object. For more information, see Using the StoreContext class in a desktop application that uses the Desktop Bridge.

After you have a StoreContext object, you can start calling methods to purchase an app or add-on for the current user and other tasks. For more information, see the following articles:

You can also use a StoreContext object to download and install package updates for the app. For more information, see Download and install package updates for your app.

Version history

Windows version	SDK version	Value added
1703	15063	FindStoreProductForPackageAsync
1803	17134	CanAcquireStoreLicenseAsync
1803	17134	CanAcquireStoreLicenseForOptionalPackageAsync
1803	17134	CanSilentlyDownloadStorePackageUpdates
1803	17134	DownloadAndInstallStorePackagesAsync
1803	17134	GetAssociatedStoreQueueItemsAsync
1803	17134	GetStoreProductsAsync(IEnumerable,IEnumerable,StoreProductOptions)
1803	17134	GetStoreQueueItemsAsync
1803	17134	RequestDownloadAndInstallStorePackagesAsync(IEnumerable,StorePackageInstallOptions)
1803	17134	RequestUninstallStorePackageAsync
1803	17134	RequestUninstallStorePackageByStoreIdAsync
1803	17134	TrySilentDownloadAndInstallStorePackageUpdatesAsync
1803	17134	TrySilentDownloadStorePackageUpdatesAsync
1803	17134	UninstallStorePackageAsync
1803	17134	UninstallStorePackageByStoreIdAsync
1809	17763	RequestRateAndReviewAppAsync
1809	17763	SetInstallOrderForAssociatedStoreQueueItemsAsync

Properties

Gets a value that indicates whether package updates for the current app can be downloaded without displaying a notification UI to the user.

Gets info about the user that is associated with the current StoreContext object in a multi-user app.

Methods

Acquires a license for the specified downloadable content (DLC) add-on package for the current app.

Gets a value that indicates whether a license can be acquired for the specified downloadable content (DLC) add-on of the current app for the current user.

Gets a value that indicates whether a license can be acquired for the specified downloadable content (DLC) package of the current app for the current user.

Downloads and installs the specified downloadable content (DLC) packages for the current app from the Microsoft Store without displaying a notification UI dialog to the user.

Gets Store product details for the app or add-on that is associated with the specified package.

Gets the collection of packages for the current app that have updates available for download from the Microsoft Store, including optional packages for the app.

Gets license info for the current app, including licenses for add-ons for the current app.

Gets Microsoft Store listing info for the products that can be purchased from within the current app.

Gets Microsoft Store listing info for the products that can be purchased from within the current app. This method supports paging to return the results.

Gets info about all the new or updated packages that are in the download and installation queue for the current app.

Gets the remaining balance for the specified consumable add-on for the current app.

Retrieves a Microsoft Store ID key that can be used to query for product entitlements or to consume product entitlements that are owned by the current user.

Retrieves a Microsoft Store ID key that can be used to grant entitlements for free products on behalf of the current user.

Gets a StoreContext object that can be used to access and manage Microsoft Store-related data for the current user in the context of the current app.

Gets a StoreContext object that can be used to access and manage Microsoft Store-related data for the specified user in the context of the current app.

Gets Microsoft Store listing info for the current app and provides access to a method that you can use to purchase the app for the current user.

Gets Microsoft Store listing info for the specified products that are associated with the current app.

Gets Microsoft Store listing info for the specified products that are associated with the current app, with the option to use a filter for the query.

Gets info about the specified new or updated packages that are in the download and installation queue for the current app.

Gets Microsoft Store info for the add-ons of the current app for which the user has purchased.

Gets Microsoft Store info for the add-ons of the current app for which the user has purchased. This method supports paging to return the results.

Reports a consumable add-on for the current app as fulfilled in the Microsoft Store.

Attempts to download and install the specified downloadable content (DLC) packages for the current app from the Microsoft Store. This method also displays a UI dialog that requests permission for the operation.