I'm trying to make our software deployment more user friendly by displaying sort of a gui to the user where he can get some informations and make some settings himself. The problem I ran into is that the script that acts as a gui(it's an HTA vbscrtipt) is executed via the system account and therefore not directly shown to the user. Instead the user gets the message "interactive service detection" (initialized by the UIODetect service on Windows 7). After clicking on that message the user can see the gui. Is there a way to show the gui directly to the user? Maybe like creating a task for the user but than run the script with privileged rights (the users have no administration rights)?
The problems you are having are because of Session 0 Isolation, Session 0 isolation was introduced in Vista and up. The following is and excerpt from the website:
http://technet.microsoft.com/en-us/library/ee449431(v=ws.10).aspx
Session 0 Isolation. In Windows XP and earlier versions of Windows, all services run in the same session as the first user who logs on to the console. This session is called Session 0. Running services and user applications together in Session 0 poses a security risk because services run at elevated privilege and therefore are targets for malicious agents that are looking for a means to elevate their own privilege levels. The Windows Vista and Windows 7 operating systems mitigate this security risk by isolating services in Session 0 and making Session 0 non-interactive. In this case, only system processes and services run in Session 0. The first user logs on to Session 1, and subsequent users log on to subsequent sessions. This approach means that services never run in the same session as users' applications and are therefore safeguarded from attacks that originate in application code.
This website may help provide a solution: