This sample demonstrates the use of an NT service with a UWP app. Communication between the app and the service is done through RPC.
This sample shows how a UWP app can communicate with an NT service, allowing it to perform privileged actions. In this sample, the UWP app will check the status of services and start/stop them.
The NT service must not be open to every application, since an untrusted application would then have control of system services. Access can be limited with Access Control Lists (ACLs) on the RPC server.
The ACL can contain, for example, rules to require the existence of a capability (e.g. only applications with the system management capability, or with a custom capability) or a specific Package Family Name (PFN). In this example, only a specific PFN will be able to connect to the service.
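One way to express a PFN-only rule as a security descriptor on the RPC endpoint, shown as an added example that is not this sample's own code. It rejects the broad ALL APPLICATION PACKAGES SID so the DACL cannot be widened to every packaged app by mistake. Assumptions: the function names `IsPackageSid`, `BuildRpcSddl` and `ListenForPackage` are hypothetical, the `GA` access mask and the `ncalrpc` transport are choices made here, and the Windows-only part is guarded by `_WIN32`.

```cpp
// Added example, not the sample's code; function names are hypothetical.
#include <cctype>
#include <stdexcept>
#include <string>
#ifdef _WIN32
#include <windows.h>
#include <sddl.h>
#include <userenv.h>
#include <rpc.h>
#endif

// True only for a per-package AppContainer SID: "S-1-15-2-" followed by exactly
// seven decimal sub-authorities. S-1-15-2-1 (ALL APPLICATION PACKAGES) fails.
bool IsPackageSid(const std::string& sid) {
    const std::string prefix = "S-1-15-2-";
    if (sid.compare(0, prefix.size(), prefix) != 0) return false;
    int fields = 0;
    std::size_t digits = 0;
    for (std::size_t i = prefix.size(); i <= sid.size(); ++i) {
        if (i < sid.size() && std::isdigit(static_cast<unsigned char>(sid[i]))) { ++digits; continue; }
        if (i < sid.size() && sid[i] != '-') return false;
        if (digits == 0 || digits > 10) return false;  // empty or oversized field
        ++fields;
        digits = 0;
    }
    return fields == 7;
}

// DACL with one allow ACE for the package; no other caller is granted access.
std::string BuildRpcSddl(const std::string& packageSid) {
    if (!IsPackageSid(packageSid)) throw std::invalid_argument("not a per-package SID");
    return "D:(A;;GA;;;" + packageSid + ")";
}

#ifdef _WIN32
// Derives the package SID from the PFN and opens an ncalrpc endpoint behind the DACL.
RPC_STATUS ListenForPackage(const wchar_t* pfn, const wchar_t* endpoint) {
    PSID sid = nullptr; LPSTR text = nullptr; PSECURITY_DESCRIPTOR sd = nullptr;
    if (FAILED(DeriveAppContainerSidFromAppContainerName(pfn, &sid))) return RPC_S_INVALID_ARG;
    BOOL ok = ConvertSidToStringSidA(sid, &text) &&
              ConvertStringSecurityDescriptorToSecurityDescriptorA(
                  BuildRpcSddl(text).c_str(), SDDL_REVISION_1, &sd, nullptr);
    if (text) LocalFree(text);
    FreeSid(sid);
    if (!ok) return RPC_S_ACCESS_DENIED;  // fail closed; sd is kept for the service lifetime
    return RpcServerUseProtseqEpW((RPC_WSTR)L"ncalrpc", RPC_C_PROTSEQ_MAX_REQS_DEFAULT,
                                  (RPC_WSTR)endpoint, sd);
}
#endif
```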
This sample can run on ARM and x86, on both Windows for IoT and desktop.
This solution has three projects:
- RpcInterface: Contains an IDL (Interface Definition Language) file with the definition of the RPC interface (functions and their arguments).
- RpcServer: RPC server. Runs as an NT service and receives RPC calls to return the status of other NT services, or to start or stop them.
- NTServiceRpc: Sample UWP app consuming the NT service.
- ACLs to limit service access
- RPC server implementation
- Client connection to RPC
- Deploying in Windows for IoT
- To create an OEM package that includes a service. For a sample of such usage, see this sample on iot-adk-addonkit.