Environment: NT4, Win2000 (for development file system should be fat32)
Caution: Use this code at your own risk!!
Restoring Your Windows (fat32)
Reboot your Window with the boot disk, copy msgina.dll to xgina.dll, and reboot again.
Details
For details about this program, please look for gina in the MS MSDN.
Installation
- Add the GinaDLL key to “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows BTCurrentVersionWinlogon”.
- The value of key GinaDLL is xgina.dll.
- Reboot.
Using the GINA Export Functions
The DLL must implement and export a set of functions that Winlogon will call to identify and authenticate the user. The following topics show examples of how to implement some of these functions. For a complete list of the functions that the GINA must implement and export, see the Winlogon and GINA references.
GINA Export Functions
A GINA DLL must export the following functions:
Function | Description |
WlxActivateUserShell | Activates the user shell program. |
WlxDisplayLockedNotice | Allows the GINA DLL to display lock information. |
WlxDisplaySASNotice | Winlogon calls this function when no user is logged on. |
WlxDisplayStatusMessage | Winlogon calls this function with a status message to display. |
WlxGetConsoleSwitchCredentials | Winlogon calls this function to read the currently logged-on user’s credentials to transparently transfer them to a target session. |
WlxGetStatusMessage | Winlogon calls this function to get the current status message. |
WlxInitialize | Initializes the GINA DLL for a specific window station. |
WlxIsLockOk | Verifies that the workstation lock is okay. |
WlxIslogoffOk | Verifies that the logoff is okay. |
WlxLoggedOnSAS | Winlogon calls this function when it receives a secure attention sequence (SAS) event while the user is logged on and the workstation is not locked. |
WlxLoggedOutSAS | Winlogon calls this function when it receives an SAS event while no user is logged on. |
WlxLogoff | Notifies the GINA DLL that a logoff operation was requested. |
WlxNegotiate | Indicates whether the current version of Winlogon can be used with the GINA DLL. |
WlxNetworkProviderLoad | Winlogon calls this function after it loads a network provider to collect valid authentication and identification information. |
WlxRemoveStatusMessage | Winlogon calls this function to tell the GINA DLL to stop displaying the status message. |
WlxScreensaverNotify | Allows the GINA to interact with the screen saver operation. |
WlxShutdown | Winlogon calls this function just before shutting down, allowing the GINA to perform any shutdown tasks, such as ejecting a smart card from a reader. |
WlxStartApplication | Winlogon calls this function when the system needs an application started in the user’s context. |
WlxWkstaLockedSAS | Winlogon calls this function when it receives an SAS while the workstation is locked. |
The WlxNegotiate function must be implemented by a replacement GINA DLL. This is the first call made by Winlogon to the GINA DLL.
Winlogon determines which dispatch table is passed to the GINA in subsequent calls to WlxInitialize.
HookWlxDialogBoxParam is called from WlxInitialize to hook your dialog box procedure by ((PWLX_DISPATCH_VERSION_X_X) pWinlogonFunctions)->WlxDialogBoxParam = MyWlxDialogBoxParam;.
Here is the redirected WlxDialogBoxParam() function by MyWlxDialogBoxparam function:
int WINAPI MyWlxDialogBoxParam (HANDLE hWlx,
HANDLE hInst,
LPWSTR lpszTemplate,
HWND hwndOwner,
DLGPROC dlgprc,
LPARAM dwInitParam)
{
//
// Sanity check.
//
assert(pfWlxDialogBoxParam != NULL);//
// We only know MSGINA dialogs by identifiers.
//if (!HIWORD(lpszTemplate))
{
//
// Hook appropriate dialog boxes as necessary.
//
#ifdef _DEBUG
DEBUG_MSG(“WlxDialogBoxParam :%ld”,(DWORD) lpszTemplate);
#endif
switch ((DWORD) lpszTemplate)
{
case IDD_WLXDIAPLAYSASNOTICE_DIALOG:
{
#ifdef _DEBUG
DEBUG_MSG(“WlxDialogBoxParam : WLXDIAPLAYSASNOTICE_DIALOG”);
#endif
pfWlxDisplaySASDlgProc = dlgprc;
return pfWlxDialogBoxParam(hWlx, hInst, lpszTemplate,
hwndOwner,
MyWlxDisplaySASDlgProc,
dwInitParam);
}case 1500:
case IDD_WLXLOGGEDOUTSAS_DIALOG:
{
#ifdef _DEBUG
DEBUG_MSG(“WlxDialogBoxParam : WLXLOGGEDOUTSAS_DIALOG”);
#endif
pfWlxLoggedOutSASDlgProc = dlgprc;
return pfWlxDialogBoxParam(hWlx, hInst, lpszTemplate,
hwndOwner,
MyWlxLoggedOutSASDlgProc,
dwInitParam);
}
case 1900:
case IDD_WLXWKSTALOCKEDSAS_DIALOG:
{
#ifdef _DEBUG
DEBUG_MSG(“WlxDialogBoxParam : WLXWKSTALOCKEDSAS_DIALOG”);
#endif
pfWlxWkstaLockedSASDlgProc = dlgprc;
return pfWlxDialogBoxParam(hWlx, hInst, lpszTemplate,
hwndOwner,
MyWlxWkstaLockedSASDlgProc,
dwInitParam);
}
case 1950:
case IDD_WLXLOGGEDONSAS_DIALOG:
{
#ifdef _DEBUG
DEBUG_MSG(“WlxDialogBoxParam : WLXLOGGEDONSAS_DIALOG”);
#endif
pfWlxLoggedOnSASDlgProc = dlgprc;
return pfWlxDialogBoxParam(hWlx, hInst, lpszTemplate,
hwndOwner,
MyWlxLoggedOnSASDlgProc,
dwInitParam);
}
case 1700:
case IDD_CHANGE_PASSWORD_DIALOG:
{
#ifdef _DEBUG
DEBUG_MSG(“WlxDialogBoxParam : CHANGE_PASSWORD_DIALOG”);
#endif
pfChangePasswordDlgProc = dlgprc;
return pfWlxDialogBoxParam(hWlx, hInst, lpszTemplate,
hwndOwner,
MyChangePasswordDlgProc,
dwInitParam);
}
}
}//
// The rest will not be redirected.
//
return pfWlxDialogBoxParam(hWlx, hInst, lpszTemplate,
hwndOwner, dlgprc, dwInitParam);
}BOOL CALLBACK MyWlxLoggedOutSASDlgProc (HWND hwndDlg,
// handle to dialog box
UINT uMsg, // message
WPARAM wParam, // first message parameter
LPARAM lParam) // second message parameter
{
BOOL bResult;//
// Sanity check.
//
assert(pfWlxLoggedOutSASDlgProc != NULL);//
// Pass on to MSGINA first.
//
bResult = pfWlxLoggedOutSASDlgProc(hwndDlg, uMsg, wParam,
lParam);#ifdef _DEBUG
DEBUG_MSG(“Logout dlg msg id : %ld” , uMsg);
#endif
if (uMsg == WM_INITDIALOG)
{
DWORD dwIndex;
HWND hwndDomain;
NET_API_STATUS netstatus;
LPWKSTA_INFO_100 lpWkstaInfo;#ifdef _DEBUG
DEBUG_MSG(“Logout state init”);
#endif//
// Get local machine name.
//
netstatus = NetWkstaGetInfo(NULL, 100, (LPBYTE *)
&lpWkstaInfo);
if (netstatus != NERR_Success)
{
return bResult;
}//
// Convert to ANSI.
//
wcstombs(g_szLocalMachineName,
lpWkstaInfo->wki100_computername,
sizeof(g_szLocalMachineName));//
// and free the buffer.
//
NetApiBufferFree((LPVOID) lpWkstaInfo);//
// Manipulate the domain combo box so that only some
// predetermined trusted domains are included in the list.
//
// In our case, we restrict logon to local machine only.
//
hwndDomain = GetDlgItem(hwndDlg, IDC_WLXLOGGEDOUTSAS_DOMAIN);
if (hwndDomain == NULL)
{
return bResult;
}dwIndex = (DWORD) SendMessage(hwndDomain, CB_FINDSTRING,
0, (LPARAM) g_szLocalMachineName);
if (dwIndex != CB_ERR)
{
SendMessage(hwndDomain, CB_SETCURSEL, (WPARAM) dwIndex, 0);
EnableWindow(hwndDomain, FALSE);
}
}
else if ( uMsg == WM_PAINT)
{
RECT rect;
GetClientRect( hwndDlg , &rect);
rect.top = rect.bottom – 33;
DrawLogo(hwndDlg,IMAGE_FILE,rect.left , rect.top);
}return bResult;
}