8

I have searched quite a lot of places and I only found one GINA replacement called pGINA but it is in C++ which I don't know at all.

Does anybody know one in either C# or VB.NET?

(I'm writing software for use at work to control what employees are doing)

Jon Seigel
  • It would help if you'd give some hint as to what GINA is. – Jon Skeet Dec 16 '09 at 21:19
  • 1
    Is this GINA? http://msdn.microsoft.com/en-us/library/aa380543%28VS.85%29.aspx – Ryan Lundy Dec 16 '09 at 21:21
  • 3
    A computer acronym, GINA (all caps) is the Graphical Identification and Authentication dynamic-link library (DLL). The GINA is a replaceable DLL loaded by the Winlogon executable. The GINA implements the authentication policy of the interactive log on model and is expected to perform all identification and authentication user interactions. –  Dec 16 '09 at 21:22
  • Before asking something, perhaps you should consider "what would it be like if malware was able to do this?". – Anon. Dec 16 '09 at 21:22
  • 2
    Anon, I don't see any reason why malware *couldn't* do this, provided it first had admin access to your machine. Same with a non-.NET GINA, which you certainly can do. – Craig Stuntz Dec 16 '09 at 21:35

2 Answers

11

Hosting .NET in Winlogon (where GINA DLLs are loaded) is probably not such a hot idea: it could cause all sorts of conflicts if something else decides to do the same thing, and if you trash Winlogon, you're not getting anywhere with that PC. Also, GINA has been replaced as of Vista with ICredentialProvider (see here), so your investment would be lost as soon as you move to a newer OS. Even there, the same thing applies: custom credential providers are loaded into Winlogon, so probably not a great idea to use .NET there.

Regardless, both of these are intended to support custom authentication modules, not "controlling what employees are doing". There are other ways to run software on the logon desktops, if that's what you're trying to do.

All that said, if you still want to try it, you'll need an unmanaged shim DLL, C++/CLI or some IL hacking (see here) to export the GINA functions because C# can't directly export DLL functions. A pure managed C# solution isn't possible.

nitzmahone
  • Thanks a lot, I didn't know that about Vista –  Dec 16 '09 at 21:41
  • Hmm... I believe on Windows Vista the "CPs" are loaded into a special child process of winlogon.exe: logonui.exe for the particular purpose that "custom code" should not be able to crash winlogon.exe (http://msdn.microsoft.com/en-us/magazine/cc163489.aspx). Nevertheless I would still agree with your retentions. – Christian.K Mar 06 '10 at 09:46
  • True, the LogonUI host isolates misbehaving CPs from WinLogon, but not from each other. If multiple managed CPs were to load into the same host, the potential for conflicts is quite high. IIRC, if LogonUI is "broken" by a bad CP, you still can't log in. – nitzmahone Mar 06 '10 at 18:49
2

To expand on nitzmahone's excellent points:

Completely replacing GINA is really a no-no using managed code. OTOH, it is quite possible to write a replacement GINA in C++ and have it call .Net code to do the grunt work.

Some years ago I used this technique to replace the CTRL+ALT+DEL screen with a fancy news service. My custom GINA was a proxy for the standard GINA. Most of the time it transparently passed calls on to the standard GINA. The exception was that it ran the .exe for the .Net app instead of displaying the ALT+DEL+CTRL screen, then waited for the .exe to terminate before displaying the logon screen.

With regret, I abandoned the project when it was clear that the work could not be directly applied to Vista.

Kramii
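Added example, not part of the original thread or any poster's code: because a replacement GINA or a custom credential provider runs inside the logon process, an administrator may want to audit which ones are registered. On systems that still use GINA, Winlogon reads the `GinaDLL` value under its registry key (absent means the stock `msgina.dll`); credential providers are listed by CLSID under the `Authentication\Credential Providers` key. This Python script parses saved `reg query` output; the sample text, DLL name, CLSIDs and baseline set are constructed assumptions.

```python
import re

WINLOGON = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
CRED_PROVIDERS = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion"
                  r"\Authentication\Credential Providers")
# `reg query` prints each value as: indent, name, type, data
VALUE_RE = re.compile(r"^\s+(.+?)\s{2,}(REG_[A-Z_]+)\s*(.*)$")

def parse_reg_query(text):
    """Parse `reg query` output into {key_path: {value_name: data}}."""
    keys, current = {}, None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            current = keys.setdefault(line.strip(), {})
        elif current is not None:
            m = VALUE_RE.match(line)
            if m:
                current[m.group(1)] = m.group(3).strip()
    return keys

def audit_logon_modules(text, approved_clsids):
    """Flag a GinaDLL override and credential providers outside the baseline."""
    approved = {c.lower() for c in approved_clsids}
    findings = []
    for path, values in parse_reg_query(text).items():
        if path.lower() == WINLOGON.lower():
            # No GinaDLL value means Winlogon loads the stock msgina.dll.
            for name, data in values.items():
                if name.lower() == "ginadll":
                    findings.append(("gina_override", name, data))
        elif path.lower().startswith(CRED_PROVIDERS.lower() + "\\"):
            clsid = path[len(CRED_PROVIDERS) + 1:].split("\\")[0].lower()
            if clsid not in approved:
                findings.append(("unapproved_credential_provider", clsid,
                                 values.get("(Default)", "")))
    return findings

# Constructed sample output; the DLL name, CLSIDs and provider names are made up.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    Shell    REG_SZ    explorer.exe
    GinaDLL    REG_SZ    C:\WINDOWS\system32\examplegina.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{11111111-1111-1111-1111-111111111111}
    (Default)    REG_SZ    BaselineProvider
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{22222222-2222-2222-2222-222222222222}
    (Default)    REG_SZ    ExampleManagedProvider
"""
BASELINE = {"{11111111-1111-1111-1111-111111111111}"}  # assumed approved set
if __name__ == "__main__":
    print(audit_logon_modules(SAMPLE, BASELINE))
```

A credential provider's CLSID only names it; the DLL that actually gets loaded is recorded under that CLSID's `InprocServer32` key, which is the next thing to check for any entry this flags.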