winlogon

问题 I would like to implement the following authentication scenario on Windows: User provides username and password If username and password authentication succeeds, they are asked one additional question, such as translate a word in a different language or a math question. This sounds like a MFA/2FA scenario. I am not sure of the "right way" implement it: Do I implement a separate credential provider for the challenge question and chain it to the password credential provider? If so, how do I

问题 I have a custom usb based fingerprint recognition device. How can I associate the fingerprint on the device with the user of the Windows machine (Using CredentialProvider). Primarily, I want that upon fingerprint scanning automatic login should occur without any prompt for username/password. What I realise that there should be some registration process to bind fingerprint to the Windows user; but I am unable to find any technical resource in this direction. Thanks in advance. 回答1: You will

问题 I'm implementing the program related to logon domain with certificate by custom KSP and my credential provider. I have successfully interacted from my credential provider to custom KSP. I'm in the process of implementing custom KSP. The steps I perform handling in custom KSP are as follows: Install the template certificate Kerberos that has been issued from ADCS to local machine store. This is step how I Issue certificates and set up logons. Is there something missing ? Export the private key

问题 I'm implementing the program related to logon domain with certificate by custom KSP and my credential provider. I have successfully interacted from my credential provider to custom KSP. I'm in the process of implementing custom KSP. The steps I perform handling in custom KSP are as follows: Install the template certificate Kerberos that has been issued from ADCS to local machine store. This is step how I Issue certificates and set up logons. Is there something missing ? Export the private key

问题 I'm implementing the program related to logon domain with certificate by custom KSP and my credential provider. I have successfully interacted from my credential provider to custom KSP. I'm in the process of implementing custom KSP. The steps I perform handling in custom KSP are as follows: Install the template certificate Kerberos that has been issued from ADCS to local machine store. This is step how I Issue certificates and set up logons. Is there something missing ? Export the private key

问题 I know that in windows 8, certain applications have a notification on the lock screen, and some fingerprint readers can add messages to the logon screen in windows 7 and older machines. Is it possible for a program to display a message on the logon screen for Windows 7 using c#? If so, can that message be dynamic? 回答1: Yes it is possible to add/changes the logon screen message. It involves updating the legalnotiecaption and legalnoticetext values in the registry. See this article for a

问题 I'm asking this question because it turns out that there's some difficulty in writing a screensaver app in Delphi that's capable of running from the Logon screen. See question: Windows 7 logon screensaver in Delphi I've narrowed down the problem (or at least one problem) to a particular Win API call CreateEvent . SyncEvent := CreateEvent(nil, True, False, ''); if SyncEvent = 0 then RaiseLastOSError; This code only fails if called from the Logon screen. And GetLastError returns that access is

问题 I'm asking this question because it turns out that there's some difficulty in writing a screensaver app in Delphi that's capable of running from the Logon screen. See question: Windows 7 logon screensaver in Delphi I've narrowed down the problem (or at least one problem) to a particular Win API call CreateEvent . SyncEvent := CreateEvent(nil, True, False, ''); if SyncEvent = 0 then RaiseLastOSError; This code only fails if called from the Logon screen. And GetLastError returns that access is

问题 Hi all I've written a custom credentialprovider that works fine when using username/password as credential, the password is transferred via bluetooth. After all it was not that difficult as the documentation tells you what interfaces to implement. Now I want to change the credentials to use certificates instead. I see that I should use the KERB_CERTIFICATE_LOGON structure for this. Diving deeper into the topic I found that I should implement a custom key storage provider as described in this

问题 I need to write a small tool that runs on every userdesktop or, if no one is logged in, directly on logon screen. Maybe a service with a form starting? I already found this question (and answer): Running a process at the Windows 7 Welcome Screen // grab the winlogon process Process winLogon = null; foreach (Process p in Process.GetProcesses()) { if (p.ProcessName.Contains("winlogon")) { winLogon = p; break; } } // grab the winlogon's token IntPtr userToken = IntPtr.Zero; if (!OpenProcessToken