How to disable Ctrl-Alt-Delete in Win2k in VB?

[gregory_may]

I am developing an application where I need to secure a
workstation for periods of time. I can use BlockInput to
stop users from task switching or messing with the
keyboard, but I would like to disable Ctrl-Alt-Delete as well.

Is there an easier way than writing a GINA stub? The following articles
seem great, but Since I am not a C guru, they feel a bit hard to grasp....
I was hoping to see a basis in VB someplace.

If anyone has a simpler way to disable Ctrl-Alt-Delete in Win2k, I am all
ears! I have seen that I could tweak the Policy via regestry entries (to
turn off the LogOff and TaskManager buttons), but I was hoping to disable
Ctrl-Alt-Del altogether:
http://msdn.microsoft.com/msdnmag/issues/02/09/CQA/default.aspx

This article seems to give a good overview of creating a GINA stub, if I
knew C better ....:
http://www.codeguru.com/mfc/comments/2574.shtml

Here is a Microsoft article that tells me about a Platform SDC with the C
code that I need, but I was hoping for a VB port someplace. C is pretty
weak for me.
http://msdn.microsoft.com/library/d...en-us/security/security/winlogon_and_gina.asp

Here is a guy doing it in DELPHI! If Delphi can do it, why not VB?????:
http://rds.yahoo.com/S=2766679/K=gi.../Programming_Languages/Delphi/Q_20747621.html

 

[Tian Min Huang]

Hello,

Thanks for your post. As I understand, you want to trap and disable
Ctrl-Alt-Delete programmatically in Win2K. Please correct me if there is
any misunderstanding. I reviewed your description carefully, and now I'd
like to share the following information with you:

1. As documented in the article to which you pointed, you can use
DisableTaskMgr to disable Ctrl+Alt+Del. To trap Ctrl+Alt+Del, you have
three options: write a GINA stub, write a keyboard driver, or replace
TaskMgr.exe with your own program. I recommend you create a GINA stub which
is comparatively easy to implement among these three options.

2. However, we have to use VC instead of VB to implement a GINA Stub. As
you know, a GINA Stub is a native dynamic-link library (DLL) exported to
Winlogon that requires a valid, consistent function to call into. This
requires a DLL export, which .NET Framework does not support. Managed code
(VB .NET, C#) has no concept of a consistent value for a function pointer
because these function pointers are proxies that are built dynamically.

3. There is an existing GINA Stub sample in MSDN. To trap/disable
Ctrl-Alt-Delete, you just need to replace its WlxLoggedOnSAS with the one
in my code snippet below.

GinaStub Sample: Pass-through "Stub" Gina
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vcsample98/
html/vcsmpginastubsample.asp?frame=true

/*----------------------------code snippet----------------------*/
int
WINAPI
WlxLoggedOnSAS(
PVOID pWlxContext,
DWORD dwSasType,
PVOID pReserved)
{
if (dwSasType == WLX_SAS_TYPE_CTRL_ALT_DEL)
{
/* Add additional code of you own */
return WLX_SAS_ACTION_NONE;
}
else
return GWlxLoggedOnSAS( pWlxContext, dwSasType, pReserved );
}
/*-----------------------------end of--------------------------------*/

In addition, I believe the following MSDN aritcles are helpful:

WlxLoggedOnSAS
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/se
curity/wlxloggedonsas.asp

Loading and Running a GINA DLL
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/se
curity/loading_and_running_a_gina_dll.asp

Please feel free to let me know if you have any problems or concerns.

Have a nice day!

Regards,

HuangTM
Microsoft Online Partner Support
MCSE/MCSD

Get Secure! -- www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.

 

[gregory_may]

Thanks Tain:

You have pointed out a few items that are very helpful. I will have to roll
up my sleves and see what I can make of creating a GINA stub via VC. Thanks
for your help!

g.

 

[gregory_may]

Tain:

I appologize, but all the links you supplied do not work.... I am wondering
If I dont have enough permissions to veiw these articles?

g.

 

[Tian Min Huang]

Hi,

I checked the links and they work as expected. Please note that each link
may be wrapped to two lines, you have to input them as one line in the
address box in IE.

Hope this helps.

Regards,

HuangTM
Microsoft Online Partner Support
MCSE/MCSD

Get Secure! -- www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.

 

[gregory_may]

Wrapping ... didnt notice that. Thanks. I am good now!

g.

 

[gregory_may]

According to this article:
http://msdn.microsoft.com/library/d...y/security/loading_and_running_a_gina_dll.asp

I need to alter this key to point to a new GINA implementation. Does
WinLogon read this key prior to any GINA execution? Can I modify this key
on the fly to point to different Gina implementations?

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\
CurrentVersion\Winlogon\GinaDLL

 

[Tian Min Huang]

Hello,

Yes, WinLogon need to read this key first and then load the corresponding
GINA dll. Whenever we modify this key (on the fly), we have to restart the
system to activate it.

Does this answer your questions?

Regards,

HuangTM
Microsoft Online Partner Support
MCSE/MCSD

Get Secure! -- www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.