Re: Custom Authentication Package sample code ?

Hi Ken,

Thanks for your answer ...

I found the MSVSubAuth sample in the Platform SDK and will give it a try ...

As far as I understand, in the USER_ALL_INFORMATION structure I can find the NtPassword HASH. My problem is I need to access the clear text password, so I can to submit the username & password to another external security manager (our RACF mainframe database).

I also need to manage password synchronization between AD and RACF. I thought Password Filter would be a good place to do the job as I must be sure the change is accepted on both sides. I could first submit the change to RACF then, if not OK refuse the new password, if OK let the change AD password go on. When the AD change is done, I would receive a message telling me if AD accepted it or not. If not, I could rollback RACF to the old password. The problem is that Password Filter seems to only have access to newpass in the received parameters, not the actual one. But RACF password change need both !

Actually, I'm doing this using a custom GINA which works under NT4, W2K, XP and W2K3. But of course GINA won't run under Vista ...

So I'm trying to find a way to do the same job under Vista, and would like it to run under W2K, XP, W2K3 and Vista (and probably Server 2008) ...

Regards,

Eric.

.