Window Stations And Desktops
A console/keyboard/mouse combination is represented in Windows NT as a window station object. Within a window station there may be several desktop objects. Think of a desktop as a collection of the windows that are visible at any one time.
In Windows NT versions 3.1 and 3.5, the window station object representing the physical screen, keyboard, and mouse is called "WinSta0." Winlogon creates the following desktops in this window station:
Winlogon desktop
This is the desktop Winlogon uses (and GINAs should also use) for interactive identification and authentication and other secure dialogs. Winlogon switches to this desktop automatically once it receives a Secure Attention Sequence (SAS).
Application desktop
Each time a user successfully logs on, an application desktop is created for that logon session where all logged-on user activity will take place. This desktop is protected so that System and the interactive logon session may access it, but no one else. (Note that only a particular instance of the logged-on user may access the desktop. If the interactive user also activates a process using the service controller, that service application will not be able to access the application desktop.)
Screen saver desktop
This desktop is created a screen saver is running. If someone is logged on, this desktop allows both System and the logon session access to the desktop. Otherwise, it allows only System access to the desktop.
When Winlogon initializes, it registers the SAS of CTRL+ALT+DEL with the system. Making this the first process ensures that no other application has hooked that key sequence. At this time, Winlogon creates three desktops, one for itself, one for the user's applications, and one for the screen saver.
As the owner of these desktops, Winlogon (and GINA) can switch the active, or visible, desktop to any of the three. In general, GINA developers need not change the active thread desktop. Winlogon typically sets the desktop appropriately before dispatching to the GINA DLL. The description of each GINA dispatch routine provided in this document clearly defines which desktop is established as the active thread desktop for that call.