So it looks like there are times when the DesktopWindow is not available.
Desktops - Win32 apps | Microsoft Docs
By default, there are three desktops in the interactive window station: Default, ScreenSaver, and Winlogon.
The Default desktop is created when Winlogon starts the initial process as the logged-on user. At that point, the Default desktop becomes active, and it is used to interact with the user.
Whenever a secure screen saver activates, the system automatically switches to the ScreenSaver desktop, which protects the processes on the default desktop from unauthorized users. Unsecured screen savers run on Winsta0*Default*.
The Winlogon desktop is active while a user logs on. The system switches to the default desktop when the shell indicates that it is ready to display something, or after thirty seconds, whichever comes first. During the user’s session, the system switches to the Winlogon desktop when the user presses the CTRL+ALT+DEL key sequence, or when the User Account Control (UAC) dialog box is open.
The Winlogon desktop’s security descriptor allows access to a very restricted set of accounts, including the LocalSystem account. Applications generally do not carry any of these accounts’ SIDs in their tokens and therefore cannot access the Winlogon desktop or switch to a different desktop while the Winlogon desktop is active.
So if the Winlogin desktop/window, UAC window, Ctrl Alt Del window or Secure Screensaver desktop/window is active, ie not the default users interactive desktop/window, then I would imagine the GetDeskTopWindow() api could fail, and I’d expect this api call in services may cause problem as well.
I think this 3 desktop/window setup is what prompted MS to make a cutdown version of Windows Server and called it Server Core as discussed here, where even more desktop/user functionality is restricted. Clarion 10/11 program running on Windows Server Core - questions - ClarionHub