Credentials and services in VISTA issue RRS feed

  • Question

  • Hi, guys!

    For the past few days I was having some problems with the development of Vista's credentials provider and NT services.

    A small intro to the problem: our company is developing SDK for other developers, and in order to check if it is registers we use two ways -  first one is creating licences for machine where the SDK will be developed, or using "dongles" - USB keys, which have neccessary information. We have writen a NT service which is always checking for licence(with some intervals) depending on the choice youi have made - once again - dongle or licence.

    The problem is, that our client wants to create a new Vista's log-on screen using credentials provider, however our service fails to check whether SDK is registered.

    I have checked - the service starts at the fresh boot, however fails to do the check - just writes that it's not registered, however then when I log-on and log-out - everything is OK - the SDK is registered.

    I believe that it is a security issue, however I would really appreciate some help.

    Tuesday, May 8, 2007 8:30 AM

All replies

  • Can you be a little more precise than "fails to do the check"? Which system calls fails? With which error code?
    Thursday, May 24, 2007 1:34 AM
  • Sorry, we have succussfully solved the problem. We have found out that dll's which our service was intended to protect started a bit earlier than the service itself. From this point it was easy to fix it. However, I do think that it's bad that dll's in credentials are loaded before all the services are started.
    Monday, May 28, 2007 6:52 AM
  • If logonui had to wait for all services (even just the auto-start ones) to be started to instantiate the credential providers, we would have a lot of end users impatiently waiting while before they can even attempt to logon.

    What you experienced is actually by design. The overall logon process was redesigned to remove as many dependencies on the network and services as possible.

    Credential Providers that have such dependencies (like the smartcard provider depending on the smartcard service) should handle them asynchronously.

    Monday, May 28, 2007 5:26 PM
  • Yes, we figured it out. Although, I really appreciate your answer. Thanks!
    Tuesday, May 29, 2007 12:04 PM