Graphical identification and authentication: Difference between revisions

more clarity on version support
more or less a complete rewrite
Line 1:
The '''GINA''' (or MS-GINA DLL) is the '''graphical identification and authentication''' library, which provides secure authentication and [[login]] services on [[Microsoft Windows]] [[operating system]]s.
In computing, '''GINA''' refers to the '''graphical identification and authentication''' library, a component of some [[Microsoft Windows]] [[operating system]]s that provides secure authentication and interactive [[logon]] services.
 
==Overview==
Winlogon is the component responsible for handling the default [[secure attention key]], loading the user profile on logon, and optionally locking the computer when a [[screensaver]] is running (requiring another authentication step). The actual obtaining and verification of user credentials is left to the GINA.
 
GINA is a [[dynamically linked library]] that is loaded in the context of the [[Winlogon]] process when the machine is started. It is responsible for handling the [[secure attention key|secure attention sequence]] (SAS), typically [[Control-Alt-Delete]], and interacting with the user when this sequence is received. GINA is also responsible for starting initial processes for a user (such as the [[Windows Shell]]) when they first log on.
A default GINA library is provided by Microsoft as part of the operating system, and offers authentication against Windows domain servers with a supplied user name/password combination. Winlogon can be configured to use a different GINA, providing for non-standard authentication methods, such as [[smart card]] readers or identification based on [[biometrics]].
 
A default GINA, MSGINA.DLL, is provided by Microsoft as part of the operating system, and offers the following features:
==Version support==
- Authentication against Windows domain servers with a supplied user name/password combination
GINA is used with [[Windows NT 4]], [[Windows 2000]], [[Windows XP]] and [[Windows Server 2003]]. In [[Windows Vista]] and later operating systems, GINA has been entirely replaced by '''Credential Providers''', which allows for significantly more flexibility in supporting multiple credential collection methods.
- Displaying of a legal notice to the user prior to presenting the logon prompt
- Automatic Logon, allowing for a user name and password to be stored and used in place of an interactive logon prompt. Automatic logon can also be configured to execute only a certain number of times before reverting to interactive logon. In older versions of Windows NT, the password could only be stored in plain text in the registry; support for using the Local Security Authority's private storage capabilities was introduced in Windows NT 4.0 Workstation Service Pack 3 and Windows NT Server 3.51.
- "Security Options" dialog when the user is logged on, which provides options to shut down, log off, change the password, start the [[Task manager|Task Manager]], and lock the workstation.
 
Winlogon can be configured to use a different GINA, providing for non-standard authentication methods such as [[smart card]] readers or identification based on [[biometrics]], or to provide an alternate visual interface to the default GINA. Developers who implement a replacement GINA are required to provide implementations for a set of API calls which cover functionality such as displaying a "workstation locked" dialog, processing the secure attention sequence in various user states, responding to queries as to whether or not locking the workstation is an allowed action, supporting the collection of user credentials on [[Terminal Services]]-based connections, and interacting with a screen saver. The Winlogon component is solely responsible for calling these APIs in the GINA library.
The [[Windows 95]] family and earlier did not have a mandatory logon of this form.
 
Support for replaceable GINA DLLs was introduced with Windows NT Server 3.51 and Windows NT Workstation 4.0 SP3. Successive versions of Windows have introduced additional functionality into Winlogon, resulting in additional functionality that can be implemented by a replacement GINA. Windows 2000, for example, introduced support for displaying status windows about the current state to the user (e.g. "Applying computer settings..."), and starting applications in the user's context; this facilitates restarting [[Windows Explorer]] automatically if it crashes, as well as starting the Task Manager.
==Exported Functions==
 
<center>
When the Winlogon process starts, it compares its version number to that which is supported by the loaded GINA library. If the GINA library is of a higher version than Winlogon, Windows will not boot. This is done because a GINA library written for a given version of Winlogon will expect a certain set of API calls to be provided by Winlogon.
{|cellspacing="0" cellpadding="2" style="clear: both; margin: 1em 0 1em 1em; background: #ffffff; border-collapse: collapse; border: silver 1px solid"
 
|-bgcolor="#ccccff"
GINA is used with [[Windows NT 4]], [[Windows 2000]], [[Windows XP]] and [[Windows Server 2003]]. In [[Windows Vista]] and later operating systems, GINA has been entirely replaced by '''Credential Providers''', which allows for significantly more flexibility in supporting multiple credential collection methods.
|'''Function name''' || '''Ordinal''' || '''Function name''' || '''Ordinal'''
 
|-
==See also==
|ShellShutdownDialog || 29 ||WlxActivateUserShell || 30
* [[List of Microsoft Windows components]]
|-
|WlxDisconnectNotify || 31 ||WlxDisplayLockedNotice || 32
|-
|WlxDisplaySASNotice || 33 ||WlxDisplayStatusMessage || 34
|-
|WlxGetConsoleSwitchCredentials || 35 ||WlxInitialize || 37
|-
|WlxIsLockOk || 38 ||WlxIsLogoffOk || 39
|-
|WlxLoggedOnSAS || 40 ||WlxLoggedOutSAS || 41
|-
|WlxLogoff || 42 ||WlxNegotiate || 43
|-
|WlxNetworkProviderLoad || 44 ||WlxReconnectNotify || 45
|-
|WlxRemoveStatusMessage || 46 ||WlxScreenSaverNotify || 47
|-
|WlxShutdown || 48 ||WlxStartApplication || 49
|-
|WlxWkstaLockedSAS || 50
|}
</center>
 
==External links==