Replacement shell for repurposing a Windows client

Guy Leech

I am currently an architect at AppSense, having been responsible for the initial idea and implementation of their very first product, namely Application Manager, and have been working with Citrix products at a technical level since 1995.

My background is in development, first on Unix then Windows, as well as consultancy and even some pre-sales and customer support thrown in.

Any spare time I get these days seems to be spent "playing" with technology.

I was proud to receive the VMware vExpert award in 2009.

Posted Wednesday, September 02, 2009 by Guy Leech | 6 Comments | 2633 views

Tags: Tools and Scripts | All Articles

Have a Windows client that you want to just use as a thin client? If so, take a look at this utility that is a drop in shell replacement which will just run the given program, with arguments, and relaunch it when it exits.

The shelly.exe program provided here just launches the command line you give it, which can include parameters, and when that command line exits, it launches it again. And again. And Again. Hook this in to the OS by changing the “Shell” registry value in “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” to be the command line you want. For example:

C:\path\shelly.exe +mstsc.exe c:\myconnection.rdp

The ‘+’ character is used to tell shelly where the command line starts that it needs to execute. This example uses the Microsoft RDP client but you could also specify the Citrix ICA client or VMware View or in fact anything else you want to use.

Also note that the shell can be specified on a per-user basis if required so you could leave the default in HKLM to be “explorer.exe” and change the same registry value in the equivalent key in HKCU for your users, or in the mandatory profile, to be the shelly command line that you require. You would still probably want to use GPOs to restrict the local user so that they could not run task manager, via ctrl-alt-del, and other typical user lockdown settings, such as disabling the command prompt.

Assuming that the resource that you connect to through the command line that shelly launches authenticates users, you might want to look at setting the client device to autologon such that it runs the shelly replacement shell without a user having to logon to the client device. This is actually quite easy to do although does require credentials to be set in the registry so does come with some security implications. Take a look at these links:

http://technet.microsoft.com/en-us/sysinternals/bb963905.aspx

and

http://support.microsoft.com/kb/315231

although the risk can be mitigated by using a local account or a domain account with very few rights.

As a note to the interested, this is all done in less than twenty lines of C++ code including error checking and reporting!

Download shelly here:

shelly.zip

You will also need to have the latest Visual C++ 2005 runtime installed which is available here:

Visual C++ runtime

Comments

Guest on Thursday, September 17, 2009 says

I am unable to run shelly.exe . When I put it in HKLM\Software .... then there nothing happens just blank blue screen (not BSOD). When I try to run it from cmd I got "System cannot execute specified program" (translated from my XP version). Of course I have Visual C++ 2005 runtime installed.

Guy Leech on Thursday, September 17, 2009 says

Thanks for giving it a try. I suspect that you don't have the "right" Visual C++ 2005 SP1 runtime installed. It unfortunately has to be the very latest one (released 28/07/09) which is available here:

http://www.microsoft.com/downloads/details.aspx?FamilyID=766a6af7-ec73-40ff-b072-9112bab119c2

Please let us know how you get on.

Guest on Thursday, September 17, 2009 says

I thought the same. First I installed Visual C++ 2005 SP1 then after failure I installed Visual C++ 2008 and still the same.

Guest on Thursday, September 17, 2009 says

Maybe debug mode ?

Guy Leech on Friday, September 18, 2009 says

Definitely not built in debug mode and in Visual Studio 2005 not 2008. Can you check that you have definitely installed the latest VC++ SP1 redistributable rather than the originally released one? I patched my development environment recently and now everything I build requires this latest redistributable.

Is there anything in the event log pointing to missing assemblies?

What locale/language are you using - I only test, given that this is a free product, on UK English.

Guy Leech on Monday, October 19, 2009 says

Please note that there is now an update to this utility available at

http://www.insidetheregistry.com/content/viewarticle.aspx?articleid=1796