NPLogonNotify() in our credential manager is not called

  • Thread starter Thread starter jimt
  • Start date Start date
J

jimt

Here is another of those XP Pro vs XPe differences, maybe...

Under XP Pro the NPLogonNotify() function in our credential manager is
called when someone logs into Windows using the usual login scheme. As
expected, as documented.

Under XP Embedded SP2 + FP2007 the exact same application does not work.
The XPe, using the XPProEmulation filter from the XPeTools pkg, was used to
build a full image. Login using the usual ctl-alt-delete is done, and
NPLogonNotify() is not called.

Does anyone have this working on XPe? I saw a few hot fixes, but they were
certainly rolled into XPe by now(?). No prior mention in the NG about this.
Any tips would be appreciated.

Thanks,
 
Bump; Anyone out there that could please help on this it would be
appreciated...


"jimt"> Here is another of those XP Pro vs XPe differences, maybe...
 
Jim,

I've missed this post. Probably was at MEDC.

Never tested credential managers on XPProEmulation.

Your issue is unlike due to missing dependencies since you used XPProEmulation. Also, basically all is needed is Winlogon and MPR
library. The only difference could be in some missing registry entries.

Quick question, did you test your credential manager DLL (the same exact binary) on XP Pro? Does it work there?

Did you register it under HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider key?
Did you append your DLL name to the "Notification Packages" key under HKLM\SYSTEM\CurrentControlSet\Control\Lsa?
Was your service properly register under HKLM\SYSTEM\CurrentControlSet\ Services\<your service name>? Does it have the
NetworkProvider subkey and, more important, Class value there with the WN_CREDENTIAL_CLASS bit set?

Read more about the required authentication reg keys here: http://msdn2.microsoft.com/en-us/library/aa374737.aspx.

There was also a very good guide written for Logon Filters here: http://www.codeproject.com/w2k/LoginFilter.asp.
The section you should be interested in is the "Adding to the Registry".
 
Hi KM,

Thanks for responding. While I authored the XPe runtime image, another
engineer wrote the credential manager DLL. His additional comments:
...our provider works just fine on WxpPro (and on w2k, w2k3, & Vista)
with identical registry values. We should have mentioned in the
original posting that, on XPe, our provider is notified when a service
logs in (presumably with LogonUser and ImpersonateLoggedOnUser) but is
not notified for interactive logins. In researching this, we saw a
posting somewhere (don't remember exactly where) of someone with the
exact same problem so we know that we're not the only ones experiencing
this.
Click to expand...

Our DLL author also reports that he has gone thru all the items in your
checklist and did not find a problem. Since this DLL + registry settings,
as installed by our installer, works on the other OS's, I suppose it's no
surprise that they are all being set up properly in XPe.

Does it help to know that, on XPe only, the programatic login will work
with the DLL, but the main login to windows does not?
 
Our author of the credential manager DLL submitted an official support
request with Microsoft, and got the answer. And it is a surprise. Turns
out that the Mpnotify.exe executable was accidently omitted from the Windows
XP Embedded product. Left out! When we copied this executable over to our
XPe system, the credential manager DLL was called as expected. The problem
was fixed.

According to the MS person who responded, "The product group is aware of
this issue and the hope is for them to consider fixing it in future releases
by adding a component that contains mpnotify.exe or just adding the binary
to the Winlogon component."

That doesn't fix the problem for us however, as the XPe license does not
permit the shipping of an XP Pro executable within an XPe image (as I
undertand it, anyway).
 
Another update on mpnotify.exe from our MS support guy ... turns out
mpnotify.exe *is* in the repository. However none of the Xpe FP2007 (or
earlier) components are referencing this executable, so it never gets pulled
into the runtime image.

Since mpnotify.exe is included in the XPe Studio distribution, the
executable can be distributed with the usual licensing in an XPe runtime.
It should be a simple matter to construct your own component that just
references this executable and include that component in the build. Problem
solved.
 
Jim,,

Sorry, I couldn't have replied you earlier. I am at WinHEC this week and it
is quite busy. I only got to computer now and saw the long serious of post
you did in this thread.

Yes, the missing mpnotify.exe is a known issue (has been there since RTM,
don't know why it is still not fixed).

Now, when we know what's was missing from the image to get your credential
management library working it is easy to find the confirmation on Microsoft
website. The NPLogonNotify won't work if mpnotify.exe is not running (e.g.,
missing or crashed): http://support.microsoft.com/kb/885423. Basically, it
is the mpnotify.exe process who calls the NPLogonNotify function of the
network provider .dll file.

Thanks for posting your finding and info from MS here!

KM

Another update on mpnotify.exe from our MS support guy ... turns out
mpnotify.exe *is* in the repository. However none of the Xpe FP2007 (or
earlier) components are referencing this executable, so it never gets
pulled into the runtime image.

Since mpnotify.exe is included in the XPe Studio distribution, the
executable can be distributed with the usual licensing in an XPe runtime.
It should be a simple matter to construct your own component that just
references this executable and include that component in the build.
Problem solved.
Click to expand...
 
Back
Top