Re: windows authentication replacement
From: Richard Ward (richardw_at_delete-yellow-dogs.com)
Date: 12/01/03
- Next message: Richard Ward: "Re: Unable to Get Credential Mgr Working on Windows 2000 Platform"
- Previous message: Joe Richards [MVP]: "Re: How do i convert a RID to a SID?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 30 Nov 2003 16:14:45 -0800
What is outlined below is really only relevant to the
gathering of credentials; the actual authentication is
done by an Authentication Package within the LSA
process. The authentication package is what is
responsible for verifying the credentials against an
account store, and determining the appropriate IDs
for the user (user id, group memberships, etc.)
While not impossible, it is not for the faint of heart.
What does your boss see as advantageous for the
proprietary scheme over the Windows scheme?
There are various ways of hooking into the security
system so that you can synchronize passwords and
accounts between disparate systems, for example.
"Rhett Gong" <v-raygon@online.microsoft.com> wrote in message
news:4aM0bfKtDHA.1576@cpmsftngxa06.phx.gbl...
> Hi Roger,
> Authentication is the process of verifying that someone (or something)
> is who they claim to be. Winlogon is an interactive component which
> supplies this service.
> Winlogon has 3 parts shown below.
> |--------------------------------------------------|
> | Winlogon.exe |
> |--------------------------------------------------|
> |Gina DLL | Network Provider Dll |
> |--------------------------------------------------|
> Gina DLL offers GUI authentication.
> Some basic exported functions are handled in Winlogon.exe, and the
> authentication policy was designed separately in Gina Dll. When the system
> is booted, winlogon.exe loads Gina DLL into the system. Windows has a
> default Gina DLL called msgina.dll( %systemfolder%\system32\msgina.dll).
It
> implements a standard user/password authentication model. You can replace
> msgina.dll and design your own Gina DLL by adding other authentication
> models such as intelligent card and fingerprint in your Gina DLL.
> I think you are headed in right direction. ;-)
> In addition, copy your Gina DLL (Such as MyGina.dll) in
> %systemfolder%\system32\ directory, and modify the following registry key:
> Key Name: \HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\
> Winlogon
> Value Name: GinaDLL
> Value Type: [REG_SZ]
> Value: MyGina.dll
>
>
>
> Rhett Gong [MS]
> Microsoft Online Partner Support
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> Please reply to newsgroups only. Thanks.
>
>
>
>
>
>
>
- Next message: Richard Ward: "Re: Unable to Get Credential Mgr Working on Windows 2000 Platform"
- Previous message: Joe Richards [MVP]: "Re: How do i convert a RID to a SID?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
