Suppose that I had an SDK to develop an application on smartcard to store my password and acts as an Authentication server toward Windows XP. That is, when an user wants to log on Windows XP with a certain username and password, Windows XP will send this account's information to smartcard and wait for a response. If smartcard says YES, user will be granted to log in.
This is my idea but I don't know how to implement it with Windows XP. I have designed an interface between smartcard and Windows XP but I don't know where to begin? I must write my logon application (prefered in C#.NET) to replace the actual standard logon process of Windows XP? How can I intervene in the Windows XP process?
I highly appreciate your helps
Best regards,
Hai-Binh LE
Smart Card Authentication is worth a read.
Write custom GINA:
http://en.wikipedia.org/wiki/Graphical_identification_and_authentication
and
http://msdn.microsoft.com/en-us/magazine/cc163803.aspx
and
http://msdn.microsoft.com/en-us/magazine/cc163786.aspx
But it is not trivial task.
Related
Our application has been changed from ".exe" to virtual application launched via "Microsoft Application Virtualization Client".
QTP is unable to identify any objects even with the same add-ins (which was working before). What could be the possible reason for the odd behaviour?
QTP : 10, Win7 64 bit OS.
Let me know for additional info. Thanks in advance!
When this application is launched via Microsoft Virtual Client it has limited interaction with local applications. For the same reason QTP\UFT is unable to identify the object of AUT. To overcome this issue you have to set "LOCAL_INTERACTION_ALLOW" to TRUE in the Application OSD file.
You can find the file in the OSD Cache folder in the program data of Microsoft Virtual Client.
what I'm trying to achieve is to log from linux to a windows machine which is already being used by one user who should not be logged off and the system should be working with both the users simultaneaously .I'm using krdc to connect to windows machine from linux,which logs off the user when other user logs in.Is there any other way to achieve my intension.
Thanks and Regards
You need to have the real Terminal Services installed. Usually the windows (Home,Professional, etc) can be enabled to have Terminal services but only for a 1 single session. If you install Terminal Services you will need to pay the license for users.
To allow multiple connection you should use VNC/teamviewer (is the most simple way to achieve what you want).
On XP (user account) when running this shortcut:
<Shortcut Id="UninstallStartMenuShortcut" Advertise="no"
Name="AppName" Description="Uninstalls AppName"
Target="[SystemFolder]msiexec.exe" Arguments="/x [ProductCode]"/>
I'm getting an error "You must be an Administrator to remove this application. To remove this
application, you can log on as an administrator, or contact your technical
support group for assistance."
Why this happens instead of asking for elevation with admin password?
How can I avoid this stupid error?
"Elevation" doesn't exist in XP. LUA / UAC is a Vista and beyond concept.
You could create and install an EXE that is the target of the shortcut. This EXE could then determine if higher priviledges are needed and ask for the username and password to run the uninstall as.
Only administrators can install (and uninstall) applications. Therefore it makes sense that the user doesn't have permission to uninstall the software previously installed by the administrator.
runas allows you to run programs as a different user.
This is Citrix technology based question. I need to develop windows app which should have functionality of remote session shadowing. We have server on which XenApp server and XenApp SDK is installed, and we get session information from it by using PowerShell. Problem is that XenApp SDK does not provide shadowing functionality. Basically i need something like client to client session shadowing.
Is this possible at all?
Thank You!
You can shadow a session remotely using WtsOpenServer and WtsStartRemoteControlSession api, just like rds/terminal server sessions. You MUST however shadow FROM an Ica (Citrix) session.
For OS < Vista you can use WinStationShadow.
See also: http://www.remkoweijnen.nl/blog/2007/10/30/new-terminal-server-apis-in-vista-sp1/
I recently developed an application for Windows XP and newer which make some changes in the system registry. It has been tested on several machines and i now got an incident where a user gets the error message when launching the installer: "You must be logged in as an administrator when installing this program" on Windows XP. It's understandable if the user don't got any administration privileges that Windows rejects the installer.
As being the developer of the software, can I do anything to prevent this from happening? (Without doing the work not touching the registry). Or is it simply just a user problem?
What you didn't say was what the software was going to do. If it was true administrator software, then it can require administration privileges. If it's for a specific use and your client approves, it can require administration privileges (ask the client before assuming it's OK). If it's something a normal user might use, and will see use outside an enterprise that has specifically approved this,you need to find a way to make it usable by less privileged accounts, and if that includes not making changes to the system registry that's what you'll have to do.
Windows Vista introduced UAC, which was designed to make software like yours, which requires administrator privileges, awkward to use. This was for a reason: allowing people in general to run as administrator at all times is a big security issue. More and more enterprises are passing out computers without admin privileges, so your software will be usable on fewer and fewer corporate systems.
If this is some sort of home/personal software, requiring admin privileges is going to make users on Vista and 7 less happy with your software, and is going to perpetuate the global security issue of hordes of individual users, with no computer savvy, being on the net logged in as administrator.
Unless you're in some sort of niche, this is not a user problem (and, if it was, do you really want to be causing your users problems?). It's a developer problem.