Windows Vista/7/8/8.1/10 and Windows Server 2008/2008 R2/2012/2012 R2/2016 have several security features that must be considered when running services under FireDaemon Pro.
User Access Control (UAC)
To gain access to the Service Control Manager, FireDaemon Pro must be run with administrator privileges.
When FireDaemon Pro is installed, different executable files are deployed to work around most of the UAC limitations. However, if UAC is enabled, some of the features of FireDaemon Pro will no longer work or will behave differently. These are specifically:
- The FireDaemon Pro Console Application (CLI) will be run in a separate console window.
- Saving files to the FireDaemon Pro installation directory is disallowed.
- Various UAC popups will be presented to confirm user actions when running the FireDaemon Pro installer or FireDaemon Pro Service Manager
To restore this functionality, simply disable UAC, as follows:
- Open a command prompt.
- At the command prompt, run the command msconfig.exe
The Service Configuration dialog box appears.
- Click the Tools tab.
- In the tools list, search for the tool Change UAC Settings.
- Click the Launch button.
The User Account Control Settings dialog box appears.
- Keep the default settings and click the OK button.
- Restart your system.
UAC will now be disabled.
Session 0 Isolation and the Interactive Services Detection Service
In Windows XP and Windows Server 2003 all services run in Session 0 along with the user applications. From Windows Vista onwards, interactive Windows services are run in Session 0. All other user-initiated applications are run in dedicated user sessions (i.e. Session 1 or higher). This is to protect services from attacks that originate in application code. The effect of this change is that you will need to switch to Session 0 to see your interactive service running. The FireDaemon Pro installer enables interactive services and the you can switch to Session 0 from the FireDaemon Pro GUI. In later versions of Windows 10 and Server 2019 the ability to switch to Session 0 has been removed from the operating system. You will need to deploy FireDaemon Zero and FireDaemon ZeroInput to resolve this issue. For more information regarding Session 0 please see our comprehensive KB article.