This background service can be seen as two services. The first background service is running as a user service, or user process. The second background service is running as a system service. The only difference between them is the access condition. The user process has the same access rights as the normal logged on user. The system service has the same access right as all other system services.
The background process/service has different internal components running as separate threads. Keep the components within the same process for better performance and stability. For example, avoid multiple processes accessing the same smart card reader and reading the same thing.
#define SRV_TRACE trace #define SRV_SSO_CACHE cache #define SRV_SSO_PKCS11 pkcs11 #define SRV_SSO_CSP csp #define SRV_SSO_KSP ksp #define SRV_SSO_PLUGIN plugin #define SRV_WATCH watch #define SRV_TS_VC ts-register // Register VirtualChannel (will require normal user) #define SRV_EVENT event #define SRV_TOKEN token #define SRV_CERTIFICATE certificate #define SRV_SCS scs #define SRV_NETCONTROL netcontrol #define SRV_TASKBAR taskbar #define SRV_CRYPT crypt
This example is using the watch component, among others. The watch component is used to monitor the system, that is, smart card insertion or removal. Thus, it is quite natural that you want actions both for system and user.
|The services run as a system service and background process on Windows. That is, as system and user .|
[Service] ActiveSystem=trace,cache,pkcs11,csp,watch ActiveUser=watch,event,taskbar,token,certificate,netcontrol,ts-register
There is currently no need for root access service on macOS or Linux, so everything will be run as a user service.
[Service] ActiveSystem=none ActiveUser=trace,cache,pkcs11,token,certificate,watch
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Net iD Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] > Net iD Service