User credential management – system level vs. application level

  • Thread starter Thread starter Tony Brown
  • Start date Start date
T

Tony Brown

Hello,

We are currently using AutoAdminLogon in the registry to get logon to
windows XP embedded, we then launch our application with an entry in the Run
key. We manage security to various features of our application with our own
set of user credentials.

Some users need to have system administration privileges, and other users
should not.

I am looking for advice related to two issues we are having with this
implementation.
1. Switching Windows OS users is slow and causes our application to close
2. We end up with two sets of username/password credentials, one for the OS
and one for our application.

Ideally, we would like to manage logon credentials in one location, allow
quick user switching, and have the same UI application for each user.

All advice is appreciated,

Thank you,
Tony Brown
 
Hello,

We are currently using AutoAdminLogon in the registry to get logon to
windows XP embedded, we then launch our application with an entry in the Run
key.  We manage security to various features of our application with ourown
set of user credentials.

Some users need to have system administration privileges, and other users
should not.

I am looking for advice related to two issues we are having with this
implementation.  
1. Switching Windows OS users is slow and causes our application to close
2. We end up with two sets of username/password credentials, one for the OS
and one for our application.

Ideally, we would like to manage logon credentials in one location, allow
quick user switching, and have the same UI application for each user.

All advice is appreciated,

Thank you,
Tony Brown
Click to expand...

I'm not entirely sure how your application uses different rights, but
perhaps the CreateProcessWithLogonW function from advapi32.dll would
help. It is the programmatic equivalent of "Run As" in Explorer. We
use that in our systems for certain things. You just need to make sure
that you add the "RunAs Service" component to your image to use it.
 
Tony,

Just wondering why do you have to switch Windows users if your app has its
own set of user credentials?
 
Why not one account with a single password? You could create a back door
password for an administrator to access things like control panel.

Regards,

Sean Liming
www.sjjmicro.com / www.seanliming.com
Book Author - XP Embedded Advanced, XP Embedded Supplemental Toolkit
 
Back
Top