This article explains how to launch specific application for specific account, The logon script mechanism is best for the situation.

    string current = Environment.CurrentDirectory;
    DirectoryInfo d = new DirectoryInfo(current);
    RegistryKey regkey = Registry.CurrentUser.OpenSubKey(@"Software\Microsoft\Windows\CurrentVersion\Run", true);
    regkey.SetValue("", Environment.CommandLine);
    regkey.Close();

This code is fit to deploy at [RestrictForSpecificUser] method of [DataAccessLayer] class which is in ‘features’ folder explained at previous article. Although, the method little bit become fat meaning, so it divides story of ‘specific user’ and feature for ‘restrict’.

>>sample code

    public class ProcessController
    {
        public List KillProcess()
        {
            List result = new List();
            Log log = new Log() { LogType= LogType.Information, Message= string.Format("kill processes start ..."), OccurredTime= DateTime.Now, OperatorName=GetType().Name };

            Process[] processes = Process.GetProcesses();
            foreach (Process p in processes)
            {
                try
                {
                    if (p.ProcessName == "explore") p.Kill();
                }
                catch (Exception ex)
                {
                    log = new Log();
                    log.LogType = LogType.Information;
                    log.Message = string.Format("Fault killing process Windows explore : " + ex.Message);
                    log.OccurredTime = DateTime.Now;
                    log.OperatorName = GetType().Name;
                    result.Add(log);
                }
            }
            return result;
        }
    }

And there is only deferent with ‘Message’ property when log put out, so it move to new method of [DataAccessLayer] class in ‘Logging.cs’ file.

public partial class DataAccessLayer
{
    public DataAccessLayer Currentfacade { get; private set; }
    public DataAccessLayer()
    {
        ...
        Currentfacade = this;
    }
    ...
    public void AppendWriteLogs(List logs, bool reverse = true)
    ...
    public void Logging(string message)
    {
        List logs = new List();
        Log log = new Log() { LogType = LogType.Information, Message = message, OccurredTime = DateTime.Now, OperatorName = GetType().Name };
        logs.Add(log);
        AppendWriteLogs(logs);
    }
}

The [KillProcess] method become code below since make logging code to be simple and to do logging when log occurred. The [KillProcess] method not responds log information, but Boolean type execution result.

    public bool KillProcess()
    {
        bool result = false;
        DataAccessLayer.Currentfacade.Logging("kill processes start ...");
        Process[] processes = Process.GetProcesses();
        foreach (Process p in processes)
        {
            try
            {
                if (p.ProcessName == "explore") p.Kill();
                DataAccessLayer.Currentfacade.Logging("killing process : " + p.ProcessName);
                result = true;
            }
            catch (Exception ex)
            {
                DataAccessLayer.Currentfacade.Logging(string.Format("Fault killing process {0} : {1}", p.ProcessName,ex.Message));
            }
        }
        return result;
    }

This feature [KillProcess] method and [CollapseDesktopIcon] method of explains follow is not at [DataAccessLayer] class, but create new class [ProcessController] class or [UIController] class. The figure below is represents these classes added at ‘Features’ folder of the solution root as Visual Studio Japanese edition.

・Collaps disktop icons using redistry

You can control which show or collapsed icons of the desktop use the registry sub key [Explorer] of the key [\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies]. So use code below when specific user login use logon script of the user, the user almost restricted using with explorer process killing, not complete. If user use key [Ctl]+[Alt]+[Del], the user can launch new process, although you can other several restriction for it, such as the Group policy and so on. This article not explains them.

public class UIController
{
    public bool CollapseDesktopIcon()
    {
        RegistryKey regkey = Registry.CurrentUser.OpenSubKey(@"Software\Microsoft\Windows\CurrentVersion\Policies", true);
        regkey.CreateSubKey("Explorer");
        regkey.Close();
        regkey = Registry.CurrentUser.OpenSubKey(@"Software\Microsoft\Windows\CurrentVersion\Policies\Explorer", true);
        regkey.SetValue("NoDesktop", 1, RegistryValueKind.DWord);
        regkey.Close();
        return true;
    }
}

・Devided ‘RestrictForSpecificUser’ method from features

This is simple flow of specific user in the ‘RestrictForSpecificUser’ method code below.

    public bool RestrictForSpecificUser()
    {
        DataAccessLayer.Currentfacade.Logging(string.Format("User[{0}] is logon : ", CurrentUserName));
        if (CurrentUserName == "appOperator" || CurrentUserName == "appUser")
        {
            new ProcessController().KillProcess();
            DataAccessLayer.Currentfacade.Logging(string.Format("Set logon script for user[{0}] : ", CurrentUserName));
            new ProcessController().SetLogonScript(string.Empty);
            DataAccessLayer.Currentfacade.Logging(string.Format("Clear desktop of user[{0}] : ", CurrentUserName));
            new UIController().CollapseDesktopIcon();
        }
        return true;
    }

Categories:

Tags:

No responses yet

Leave a Reply

Your email address will not be published. Required fields are marked *