Re: windows authentication replacement

From: Richard Ward (richardw_at_delete-yellow-dogs.com)
Date: 12/01/03


Date: Sun, 30 Nov 2003 16:14:45 -0800


What is outlined below is really only relevant to the
gathering of credentials; the actual authentication is
done by an Authentication Package within the LSA
process. The authentication package is what is
responsible for verifying the credentials against an
account store, and determining the appropriate IDs
for the user (user id, group memberships, etc.)

While not impossible, it is not for the faint of heart.
What does your boss see as advantageous for the
proprietary scheme over the Windows scheme?
There are various ways of hooking into the security
system so that you can synchronize passwords and
accounts between disparate systems, for example.

"Rhett Gong" <v-raygon@online.microsoft.com> wrote in message
news:4aM0bfKtDHA.1576@cpmsftngxa06.phx.gbl...
> Hi Roger,
> Authentication is the process of verifying that someone (or something)
> is who they claim to be. Winlogon is an interactive component which
> supplies this service.
> Winlogon has 3 parts shown below.
> |--------------------------------------------------|
> | Winlogon.exe |
> |--------------------------------------------------|
> |Gina DLL | Network Provider Dll |
> |--------------------------------------------------|
> Gina DLL offers GUI authentication.
> Some basic exported functions are handled in Winlogon.exe, and the
> authentication policy was designed separately in Gina Dll. When the system
> is booted, winlogon.exe loads Gina DLL into the system. Windows has a
> default Gina DLL called msgina.dll( %systemfolder%\system32\msgina.dll).
It
> implements a standard user/password authentication model. You can replace
> msgina.dll and design your own Gina DLL by adding other authentication
> models such as intelligent card and fingerprint in your Gina DLL.
> I think you are headed in right direction. ;-)
> In addition, copy your Gina DLL (Such as MyGina.dll) in
> %systemfolder%\system32\ directory, and modify the following registry key:
> Key Name: \HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\
> Winlogon
> Value Name: GinaDLL
> Value Type: [REG_SZ]
> Value: MyGina.dll
>
>
>
> Rhett Gong [MS]
> Microsoft Online Partner Support
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> Please reply to newsgroups only. Thanks.
>
>
>
>
>
>
>



Relevant Pages

  • RE: windows authentication replacement
    ... Authentication is the process of verifying that someone ... Winlogon has 3 parts shown below. ... Gina DLL offers GUI authentication. ... and modify the following registry key: ...
    (microsoft.public.platformsdk.security)
  • RE: STOP c000021a Windows logon service failed
    ... then the machine will just reboot. ... >Windows logon service system service failed unexpectedly ... The GINA implements the authentication policy of the interactive logon model. ... It is very common for certain types of remote control software to replace the default Windows GINA DLL. ...
    (microsoft.public.win2000.general)
  • Re: Default credentials
    ... > comes up on my client site requires NTLM or Basic authentication? ... > a web browser - I assume it must be something they have set up ... If your receive a Dialog asking for your creds with NTLM auth ... credentials of the current security context. ...
    (microsoft.public.dotnet.framework.aspnet.webservices)
  • Re: Default credentials
    ... > comes up on my client site requires NTLM or Basic authentication? ... > a web browser - I assume it must be something they have set up ... If your receive a Dialog asking for your creds with NTLM auth ... credentials of the current security context. ...
    (microsoft.public.dotnet.framework.webservices)
  • Re: Default credentials
    ... > comes up on my client site requires NTLM or Basic authentication? ... > a web browser - I assume it must be something they have set up ... If your receive a Dialog asking for your creds with NTLM auth ... credentials of the current security context. ...
    (microsoft.public.dotnet.security)