winlogon

问题 I have been working on LSA auth package for introducing my custom logon mechanism in windows 10. So far, I have been successful in registering the auth package and get my LsaLogonUserEx method called by LSA. Now the thing which I am stuck at is how to prepare the OUT parameters of LsaApLogOnUser method. NTSTATUS NTAPI LsaApLogonUserEx( IN PLSA_CLIENT_REQUEST ClientRequest, IN SECURITY_LOGON_TYPE LogonType, IN PVOID ProtocolSubmitBuffer, IN PVOID ClientBufferBase, IN ULONG SubmitBufferSize,

问题 When I boot my Windows 8.1 laptop, I want to display a message on the Windows logon screen so that I know when all services and startup processes have started. Aside from just waiting some number of minutes, with the assumption that all services that can start have done so, how can I code a process to query for a "startup complete" condition and then update the UI? Would detection of startup-complete be possible with a group policy startup script or a task scheduler routine that triggers on

问题 I've been trying to create a simple windows service application that inputs the logon credentials and with a click of a button logs you on. I have read about GINA and Credential Provider. I have also looked at many articles including: http://msdn.microsoft.com/en-us/library/aa379608%28VS.85%29.aspx. I just want to know if it is possible to logon using the logonuser function provided by windows? 回答1: No you can not, using LogonUser() is only one step of many in the logon process. Also GINA is

问题 I am writing a service application that will run with local system credentials. I will need to know from my service if the Windows logon screen is displayed at any particular time. Is there any way to do this? PS. The screens that can be brought up by locking the workstation: Or by trying to switch the user: Or after a Ctrl+Alt+Del: PS. I need this to run on Windows XP and up. EDIT: The only viable solution that I came up with so far is to see if LogonUI.exe process is running. The issue with

问题 I am creating a Windows Credential Provider to logon into a Windows domain using certificates as described on this article. This implies creating a custom KSP that will be called by LsaLogonUser when creating an authentication package. I manage to create the custom KSP and tested it successfully in a standalone app that calls LsaLogonUser directly. Basically creating the authentication package and pass it to LsaLogonUser, loaded the KSP, called a bunch of functions and authenticated the user

问题 How safe is it to use LOGON32_LOGON_NETWORK_CLEARTEXT? We have the following scenario: Web server A is using Win32 LogonUser. Then it needs to invoke an asmx method on server B. If the used logon type is LOGON32_LOGON_INTERACTIVE it works well. However the customer rejects this because it requires interactive access. If we use LOGON32_LOGON_NETWORK this does not allow token delegation to the remote server and we get 401 (as expected, according to the MSDN). Attempting to use DuplicateToken to

问题 I've been creating a Credential Provider DLL that authenticates via the internet before allowing login. However this hasn't worked as well as I expected because my WinHTTP request isn't getting sent. I've confirmed this using wire shark. but I can't figure out why it's not sending any requests off. I've checked that my code is actually calling the functions properly - and they are. But the http request never makes it off. I'm slightly confused at this point and I'm seeking to know if there is

问题 After looking through the code for building custom credential providers for Windows 7, I managed to get my own tile to show up on the logon screen, and can logon as the desired user. However, I am trying to implement a system where an event (a Bluetooth device in range) triggers a logon/unlock, without needing to click on the tile. I can set it to fill in the password automatically (maybe I will implement pulling the password from the device), but either way, I must click the tile first. If

问题 I have created a EFI Pre-Boot Application were in I enter the user credentials which are passed to windows to logon (Single Sign On) using my credential provider. I have a Group policy "Interactive logon: Smart card removal behavior" set to "Lock Workstation: The workstation is locked when the smart card is removed, allowing users to leave the area, take their smart card with them, and still maintain a protected session." So if I reboot the machine and use login using my credential provider,

问题 As for personal fun and challenge, I wanted to add a way to login on my own personal computers. All are currently using Windows 7. Normally this would use ICredentialProvider or something like that. Basically the goal here is to have 2 way to login, the normal user/password one and the alternative (mine) with a Yubikey. Is there any where I could look to find some resources on how to achieve this using C# ? 回答1: There is an article about implementing a custom Credential Provider here, and