Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
XP
accessibility
basics
beta.general
beta.help-and-support
configuration_manage
customize
device_driver.dev
embedded
embedded.techpreview
games
general
hardware
help_and_support
messenger
moviemaker
music
network_web
newusers
perform_maintain
photos
print_fax
security_admin
setup_deployment
video
winlogo
wmi
work_remotely
  
 
date: Wed, 6 Aug 2008 09:05:01 -0700,    group: microsoft.public.windowsxp.security_admin        back       


Unique Windows XP Authentication    
hi,

I need some help to do the following: i want to use a unique
authentication/logon process for Windows XP (instead of the 
original Windows logon). This means that before the logon
dialog box appears i want to use my own authentication mechanism
(It uses USB drive as a hardware key, in combination with free
software tools and asymmetric cryptography with a radius server.)
If the authentication fails, /for example no USB drive/ the
original logon dialog box should appear.

Well, some of the main questions are i think: 
- how can i execute my own logon application before the windows
logon dialog box appears? (maybe as a service??)
- if the logon succeed, how can i step over the original logon
dialog box and go straight to the desktop?

thx any help in advance
date: Wed, 6 Aug 2008 09:05:01 -0700   author:   3iron3

Re: Unique Windows XP Authentication    
Why do you want to do this? Is there something wrong with the existing 
choices? Writing your own authentication method is rarely a good idea. It's 
some of the most difficult code to write securely.

Help me understand your business or technical need; perhaps I can suggest an 
alternative that doesn't require replacing a fundamental component of the 
operating system.

-- 
Steve Riley
steve.riley@microsoft.com
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com



"3iron3"  wrote in message 
news:9BDD2EA3-B6C6-43C7-8B68-69931B9C2DF2@microsoft.com...
> hi,
>
> I need some help to do the following: i want to use a unique
> authentication/logon process for Windows XP (instead of the
> original Windows logon). This means that before the logon
> dialog box appears i want to use my own authentication mechanism
> (It uses USB drive as a hardware key, in combination with free
> software tools and asymmetric cryptography with a radius server.)
> If the authentication fails, /for example no USB drive/ the
> original logon dialog box should appear.
>
> Well, some of the main questions are i think:
> - how can i execute my own logon application before the windows
> logon dialog box appears? (maybe as a service??)
> - if the logon succeed, how can i step over the original logon
> dialog box and go straight to the desktop?
>
> thx any help in advance
date: Wed, 6 Aug 2008 13:47:11 -0700   author:   Steve Riley [MSFT]

Re: Unique Windows XP Authentication    
Well, i'm a student&part of a project in the university where this is the 
main problem. But now i know that i should wite my own gina. i hope i can do 
this but i'm afraid it won't be easy...

have a nice day


"Steve Riley [MSFT]" wrote:

> Why do you want to do this? Is there something wrong with the existing 
> choices? Writing your own authentication method is rarely a good idea. It's 
> some of the most difficult code to write securely.
> 
> Help me understand your business or technical need; perhaps I can suggest an 
> alternative that doesn't require replacing a fundamental component of the 
> operating system.
> 
> -- 
> Steve Riley
> steve.riley@microsoft.com
> http://blogs.technet.com/steriley
> http://www.protectyourwindowsnetwork.com
> 
> 
> 
> "3iron3"  wrote in message 
> news:9BDD2EA3-B6C6-43C7-8B68-69931B9C2DF2@microsoft.com...
> > hi,
> >
> > I need some help to do the following: i want to use a unique
> > authentication/logon process for Windows XP (instead of the
> > original Windows logon). This means that before the logon
> > dialog box appears i want to use my own authentication mechanism
> > (It uses USB drive as a hardware key, in combination with free
> > software tools and asymmetric cryptography with a radius server.)
> > If the authentication fails, /for example no USB drive/ the
> > original logon dialog box should appear.
> >
> > Well, some of the main questions are i think:
> > - how can i execute my own logon application before the windows
> > logon dialog box appears? (maybe as a service??)
> > - if the logon succeed, how can i step over the original logon
> > dialog box and go straight to the desktop?
> >
> > thx any help in advance 
>
date: Thu, 7 Aug 2008 00:01:01 -0700   author:   3iron3

Re: Unique Windows XP Authentication    
Here's one I made earlier: 

http://mylogon.net

Add your USB-detection code in place of the logon GUI.

"3iron3" wrote:

> Well, i'm a student&part of a project in the university where this is the 
> main problem. But now i know that i should wite my own gina. i hope i can do 
> this but i'm afraid it won't be easy...
>
date: Thu, 7 Aug 2008 00:30:00 -0700   author:   Anteaus

Re: Unique Windows XP Authentication    
ty, this must be very helpful to me

"Anteaus" wrote:

> 
> 
> Here's one I made earlier: 
> 
> http://mylogon.net
> 
> Add your USB-detection code in place of the logon GUI.
> 
> "3iron3" wrote:
> 
> > Well, i'm a student&part of a project in the university where this is the 
> > main problem. But now i know that i should wite my own gina. i hope i can do 
> > this but i'm afraid it won't be easy...
> > 
>
date: Thu, 7 Aug 2008 01:14:01 -0700   author:   3iron3

Re: Unique Windows XP Authentication    
Hm, strange assignment, and actually doesn't have much value these days. The 
GINA is deprecated; it's no longer used in Windows Vista or Windows Server 
2008 and will not be used in any future version of Windows. I'd recommend 
you have your instructor reconsider the assignment.

-- 
Steve Riley
steve.riley@microsoft.com
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com



"3iron3"  wrote in message 
news:D504C2FC-2652-4C07-9044-C1DF6A8D820E@microsoft.com...
> Well, i'm a student&part of a project in the university where this is the
> main problem. But now i know that i should wite my own gina. i hope i can 
> do
> this but i'm afraid it won't be easy...
>
> have a nice day
>
>
> "Steve Riley [MSFT]" wrote:
>
>> Why do you want to do this? Is there something wrong with the existing
>> choices? Writing your own authentication method is rarely a good idea. 
>> It's
>> some of the most difficult code to write securely.
>>
>> Help me understand your business or technical need; perhaps I can suggest 
>> an
>> alternative that doesn't require replacing a fundamental component of the
>> operating system.
>>
>> -- 
>> Steve Riley
>> steve.riley@microsoft.com
>> http://blogs.technet.com/steriley
>> http://www.protectyourwindowsnetwork.com
>>
>>
>>
>> "3iron3"  wrote in message
>> news:9BDD2EA3-B6C6-43C7-8B68-69931B9C2DF2@microsoft.com...
>> > hi,
>> >
>> > I need some help to do the following: i want to use a unique
>> > authentication/logon process for Windows XP (instead of the
>> > original Windows logon). This means that before the logon
>> > dialog box appears i want to use my own authentication mechanism
>> > (It uses USB drive as a hardware key, in combination with free
>> > software tools and asymmetric cryptography with a radius server.)
>> > If the authentication fails, /for example no USB drive/ the
>> > original logon dialog box should appear.
>> >
>> > Well, some of the main questions are i think:
>> > - how can i execute my own logon application before the windows
>> > logon dialog box appears? (maybe as a service??)
>> > - if the logon succeed, how can i step over the original logon
>> > dialog box and go straight to the desktop?
>> >
>> > thx any help in advance
>>
date: Thu, 7 Aug 2008 20:09:06 -0700   author:   Steve Riley [MSFT]

Re: Unique Windows XP Authentication    
Well, first of all, thx for the reply
So, if GINA is not used in Vista then what is?
Is it possible to do the same thing in Vista & if it is, how?

thx in advance


"Steve Riley [MSFT]" wrote:

> Hm, strange assignment, and actually doesn't have much value these days. The 
> GINA is deprecated; it's no longer used in Windows Vista or Windows Server 
> 2008 and will not be used in any future version of Windows. I'd recommend 
> you have your instructor reconsider the assignment.
> 
> -- 
> Steve Riley
> steve.riley@microsoft.com
> http://blogs.technet.com/steriley
> http://www.protectyourwindowsnetwork.com
> 
> 
> 
> "3iron3"  wrote in message 
> news:D504C2FC-2652-4C07-9044-C1DF6A8D820E@microsoft.com...
> > Well, i'm a student&part of a project in the university where this is the
> > main problem. But now i know that i should wite my own gina. i hope i can 
> > do
> > this but i'm afraid it won't be easy...
> >
> > have a nice day
> >
> >
> > "Steve Riley [MSFT]" wrote:
> >
> >> Why do you want to do this? Is there something wrong with the existing
> >> choices? Writing your own authentication method is rarely a good idea. 
> >> It's
> >> some of the most difficult code to write securely.
> >>
> >> Help me understand your business or technical need; perhaps I can suggest 
> >> an
> >> alternative that doesn't require replacing a fundamental component of the
> >> operating system.
> >>
> >> -- 
> >> Steve Riley
> >> steve.riley@microsoft.com
> >> http://blogs.technet.com/steriley
> >> http://www.protectyourwindowsnetwork.com
> >>
> >>
> >>
> >> "3iron3"  wrote in message
> >> news:9BDD2EA3-B6C6-43C7-8B68-69931B9C2DF2@microsoft.com...
> >> > hi,
> >> >
> >> > I need some help to do the following: i want to use a unique
> >> > authentication/logon process for Windows XP (instead of the
> >> > original Windows logon). This means that before the logon
> >> > dialog box appears i want to use my own authentication mechanism
> >> > (It uses USB drive as a hardware key, in combination with free
> >> > software tools and asymmetric cryptography with a radius server.)
> >> > If the authentication fails, /for example no USB drive/ the
> >> > original logon dialog box should appear.
> >> >
> >> > Well, some of the main questions are i think:
> >> > - how can i execute my own logon application before the windows
> >> > logon dialog box appears? (maybe as a service??)
> >> > - if the logon succeed, how can i step over the original logon
> >> > dialog box and go straight to the desktop?
> >> >
> >> > thx any help in advance
> >>
date: Fri, 8 Aug 2008 02:37:01 -0700   author:   3iron3

Re: Unique Windows XP Authentication    
Windows Vista and Server 2008 have replaced the GINA with a credential 
provider model with a pluggable architecture. Start your research by reading 
about the new ICredentialProvider interfaces.

Landing page for identity management and access control:
http://technet.microsoft.com/en-us/library/cc749433.aspx

Some samples:
http://www.microsoft.com/downloads/details.aspx?FamilyID=1287ec56-77b4-48c4-8b58-35b7295d6c2c&displaylang=en

However, I still question the assignment your instructor gave you. What is 
he trying to have you learn?


-- 
Steve Riley
steve.riley@microsoft.com
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com



"3iron3"  wrote in message 
news:6B589D0F-125B-4E03-B745-7FED11EE1AEF@microsoft.com...
> Well, first of all, thx for the reply
> So, if GINA is not used in Vista then what is?
> Is it possible to do the same thing in Vista & if it is, how?
>
> thx in advance
>
>
> "Steve Riley [MSFT]" wrote:
>
>> Hm, strange assignment, and actually doesn't have much value these days. 
>> The
>> GINA is deprecated; it's no longer used in Windows Vista or Windows 
>> Server
>> 2008 and will not be used in any future version of Windows. I'd recommend
>> you have your instructor reconsider the assignment.
>>
>> -- 
>> Steve Riley
>> steve.riley@microsoft.com
>> http://blogs.technet.com/steriley
>> http://www.protectyourwindowsnetwork.com
>>
>>
>>
>> "3iron3"  wrote in message
>> news:D504C2FC-2652-4C07-9044-C1DF6A8D820E@microsoft.com...
>> > Well, i'm a student&part of a project in the university where this is 
>> > the
>> > main problem. But now i know that i should wite my own gina. i hope i 
>> > can
>> > do
>> > this but i'm afraid it won't be easy...
>> >
>> > have a nice day
>> >
>> >
>> > "Steve Riley [MSFT]" wrote:
>> >
>> >> Why do you want to do this? Is there something wrong with the existing
>> >> choices? Writing your own authentication method is rarely a good idea.
>> >> It's
>> >> some of the most difficult code to write securely.
>> >>
>> >> Help me understand your business or technical need; perhaps I can 
>> >> suggest
>> >> an
>> >> alternative that doesn't require replacing a fundamental component of 
>> >> the
>> >> operating system.
>> >>
>> >> -- 
>> >> Steve Riley
>> >> steve.riley@microsoft.com
>> >> http://blogs.technet.com/steriley
>> >> http://www.protectyourwindowsnetwork.com
>> >>
>> >>
>> >>
>> >> "3iron3"  wrote in message
>> >> news:9BDD2EA3-B6C6-43C7-8B68-69931B9C2DF2@microsoft.com...
>> >> > hi,
>> >> >
>> >> > I need some help to do the following: i want to use a unique
>> >> > authentication/logon process for Windows XP (instead of the
>> >> > original Windows logon). This means that before the logon
>> >> > dialog box appears i want to use my own authentication mechanism
>> >> > (It uses USB drive as a hardware key, in combination with free
>> >> > software tools and asymmetric cryptography with a radius server.)
>> >> > If the authentication fails, /for example no USB drive/ the
>> >> > original logon dialog box should appear.
>> >> >
>> >> > Well, some of the main questions are i think:
>> >> > - how can i execute my own logon application before the windows
>> >> > logon dialog box appears? (maybe as a service??)
>> >> > - if the logon succeed, how can i step over the original logon
>> >> > dialog box and go straight to the desktop?
>> >> >
>> >> > thx any help in advance
>> >>
date: Fri, 8 Aug 2008 04:00:07 -0700   author:   Steve Riley [MSFT]

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us