Not possible to disable the service "TabletInputService"

Question

We've recently started the migration from Windows Server 2012 R2 RDS to Windows Server 2022 RDS. One of our applications (prowin32.exe) is not functioning properly, regardless of compatibility settings, and throws an error referencing comctl32.ocx. After investigation it was determined this is a common issue among a few different applications developed by Progress. Unfortunately, the application in question has never been updated to resolve the issue.

The mitigation is simple. Somehow the "Touch Keyboard and Handwriting Panel Service" is the blame. There are quite a few references to this across Reddit and Microsoft Communities, but they all have the same common solution to simply stop and then disable the service. But it isn't possible to stop the service. And setting the service to "Disabled" doesn't survive a reboot. After rebooting the service is restored to "Automatic (Trigger Start)".

This wasn't always the behavior as we have some older Windows Server 2022 VM's where the TabletInputService is in fact Disabled. I suspect a Windows Update may have changed the behavior of the service.

What we've tried:

• Disabling the TabletInputService service in services.msc. The service is set to "Automatic (Trigger Start)" after a reboot.
• Manually setting the Start value to "4" in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TabletInputService. The value is reset to "2" after a reboot.
• Manually setting the Start value to "4" in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TabletInputService and then removing the SYSTEM permissions from the key. The value is reset to "2" after a reboot.
• Renaming the TapTip.exe file in C:\Program Files\Common Files\microsoft shared\ink.

We've since opened a case with Microsoft, who has confirmed the behavior and is working to determine why. I suspect we won't see a solution to this issue. At this point we're sort of stuck, not able to proceed. I'm curious if anyone else has ever worked with a stubborn service before, one that doesn't follow logic. Any idea how we can disable this service? I thought about perhaps removing the entire key for "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TabletInputService" - but would this actually prevent the service from starting? I suspect Windows Updates could simply restore the key.

Answer 1

Microsoft confirmed the behavior of this service was changed, and it's now considered a "critical service". It cannot be disabled using any support method. But they were unable to provide any information as to why, patch notes, or when the change was made. It's all very strange. We can only assume it was a Cumulative Update at some point, as some of our virtual machines we deployed earlier in the year had this service disabled using Services.msc (disabled, rebooted, service stayed disabled).

We did find a workaround, but it's clunky and I don't expect anti-malware systems to like it. Also, it will likely be reverted after Windows Updates are applied.

• Launch regedit and navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TabletInputService.
• Set the Start DWORD value to “4”.
• Right-click the TabletInputService key, select Permissions… and then click Advanced.
• Change the Owner to the local Administrators group, check “Replace owner on sub containers and objects” and click Apply and OK, OK.
• Right-click the TabletInputService key again, select Permissions… and then click Advanced.
• Click Disable inheritance and then select “Convert inherited permissions into explicit permissions on this object”.
• Change all permissions to Read Only and then click Apply, OK, OK.
• Restart the server and confirm the “Touch Keyboard and Handwriting Panel Service” (TabletInputService) is disabled and not running.

Another workaround, if you're using Parallels RAS for your RDS environment, you can use server optimization to disable this service.

Answer 2

We have the exactly same problem - migrate from 2012R2 to 2022 + the same problem if we kill Tabtip.exe and run OSK.exe. If you solve this, please put solution here.