Remko Weijnen's Blog (Remko's Blog)

About Virtualization, VDI, SBC, Application Compatibility and anything else I feel like

Archive for the ‘Programming’ Category

Random Active Directory Notes #1

If you are going to use the Active Directory Service Interface (ADSI) in Delphi, the first thing you will need is the typelibrary (TLB). This TLB is in the windows\system32 folder and has the name activeds.tlb.

We can import this tlb in Delphi (the procedure differs somewhat, depending on the Delphi version), but there are quite some problems with the resulting pas file of this import:

  • Ugly and non meaningfull names such as __MIDL___MIDL_itf_ads_0000_0000_001.
  • Record sizes are sometimes (read: usually) wrong due to alignment errors.
  • Some Interfaces have wrong declarations resulting in Access Violations or just hard to use (eg using var for input parameters).
  • Delphi works with Typed Pointer but since it has no clue on the proper name it uses PUserTypexx (eg PUserType1 = ^_ADS_CASEIGNORE_LIST). It’s hard to recognise later on what the real type is.

A version of the imported tlb is also in the Jedi Apilib (JwaAdsTLB) and basically it had the same errors. Because I was wondering how this would work in c++ I checked the SDK and found the header file Iads.h.


Did you make a SasLibEx enquiry? And… news!

My hoster has had some problems with the domain that I use for SasLibEx enquiries. If you have sent mail to mail that has not been answered I kindly request you to send it again.

I would also like to briefly tell you about an upcoming new release of SasLib, version 2.0. There is so much I would like to tell you about it but I will limit it to a few highlights here and save the rest for the upcoming website on

  • A new option to simulate Control-Alt-Delete with only user permissions (no need to be admin or even system).
  • New Switch console function to reconnect closed RDP sessions for remote control.
  • Supports Windows Vista, Server 2008, Windows 7 and Server 2008 R2.
  • Support for Delphi 2010, C++ Builder 2010 and will support MS Visual C++ 2010 once it reaches RTM.
  • Native x64 support.

I feel especially good about 2.0 because further improvements were made to the code, again some highlights:

  • Full documentation of all functions, parameters and known possible errors.
  • 80% of the code was rewritten from scratch.
  • Uses techniques like annotations to further reduce the chance of programing errors.
  • Structured testing.

Small LaunchRDP Update

For a long time now people have asked for a version of LaunchRDP that includes the Connection Bar. The original version was originally written for a very specific purpose and I never anticipated so many people would want to use it. But it seems that a lot of people like the Connection Bar (I hate it, especially with sessions in sessions, so that’s why I am using RDPWithLocalTaskbar).


I was deploying an unattended installation of Citrix XenApp 5.0 with Altiris Deployment Server. The installation consists of several prerequisites, the installation of XenApp and finally the Citrix Management Consoles.

The installation is performed with a special account and not the Local System account because the install packages are located on the network.

When testing the deployment on a Windows Server 2008 I noticed that sometimes MSI based installations would fail with error code 1603 or 1601.


SasLibEx updates

I have found and tested some new functionalities which I will add to SasLibEx:

  • Unlocking workstation without entering password
  • Cancel UAC (User Account Control) request
  • fully disable Ctrl-Alt-Del
  • Cancel Ctrl-Alt-Del
  • Switch between secure desktop (where the UAC prompt is) and the normal desktop.

Some people asked if SasLibEx works on x64 or Windows 7, the answer is yes. I tested on build 7000 of Windows 7 beta and also on Server 2008 x64.


If you read the MSDN documentation of WM_KEYDOWN and WM_KEYUP you can see that those message require us to interpret lParam as a bitfield:

Specifies the repeat count, scan code, extended-key flag, context code, previous key-state flag, and transition-state flag, as shown in the following table.

Specifies the repeat count for the current message. The value is the number of times the keystroke is autorepeated as a result of the user holding down the key. The repeat count is always one for a WM_KEYUP message.
Specifies the scan code. The value depends on the OEM.
Specifies whether the key is an extended key, such as the right-hand ALT and CTRL keys that appear on an enhanced 101- or 102-key keyboard. The value is 1 if it is an extended key; otherwise, it is 0.
Reserved; do not use.
Specifies the context code. The value is always 0 for a WM_KEYUP message.
Specifies the previous key state. The value is always 1 for a WM_KEYUP message.
Specifies the transition state. The value is always 1 for a WM_KEYUP message.

I was looking for a convenient way to get and read the bits and this is what I made up:

Existing code to simulate the Secure Attention Sequence (SAS),which most people refer to as control alt delete or ctrl-alt-del, no longer works in Windows Vista. It seems that Microsoft offers a library that exports a function called SimulateSAS(). It is not public and one is supposed to request it by sending a mail to Mails to this address remain unanswered though.

I researched how other people (including Microsoft) have solved this task and was unhappy with the results: some solutions work only with (or without) UAC, most solutions work only for the current or console Terminal Server sessions or need a kernel mode driver.

So I decided to create my own Saslib with the following goals:

  • Should work both with and without User Account Control (UAC)
  • Should support current, console and any Terminal Server session
  • Does not need a driver
  • The calling application does not need to be signed or have a special manifest
  • Support multiple programming languages

I have succeeded and thus SasLibEx was born: not only can it successfully simulate the SAS sequence it can do this for any/all Terminal Server sessions. It can also lock the workstation (again for all sessions) and switch between the normal desktop and the secure desktop (the desktop that UAC runs on). SasLibEx was successfully tested both with and without User Account Control (UAC).

In the future I will place SasLibEx on it’s own website. Meanwhile you can contact me if you are interested in it at the following mail address: mail

Please note that I have spend lots of time into this project and therefore I cannot give it away for free

Update: I have added new features to SasLibEx, see here:

I’m working on a new build of TSAdminEx for which I need to query the total amount of physical memory. Locally we can use the GlobalMemoryStatusEx API but there’s no API to do this remotely. It would be possible using WMI but I decided not to use that because I dislike it because of it’s slowness and I need support for older OS versions which might not have WMI.

So I found in the registry the following key:

HKLM\HARDWARE\RESOURCEMAP\System Resources\Physical Memory

It has a value .Translated of type RES_RESOURCE_LIST which seems undocumented besides stating that it exists. Regedit knows how to handle it though. If you doubleclick on the key you will see something like this:


TSAdminEx Features Part 3

Beta ReleasePart 1Part 2  

This is part 3 of the TSAdminEx Features series. Today I will discuss the Process View. As usual we will start by comparing TSAdmin to TSAdminEx again. So let’s look at TSAdmin Process View:


And the one from TSAdminEx:



TSAdminEx Features Part 2


Now that a TSAdminEx beta is ready I will be showing you some features. In this part I will show the Sessions View.

Let’s start again with a compare of TSAdmin and TSAdminEx:



As you can see TSAdminEx shows more details, it shows the following extra columns: