locked
Building Windows credential provider RRS feed

  • Question

  • Hi,

    I am trying to build my own credential provider for windows. What I am trying to do is to add a second-factor authentication to my credential provider.I am using pgina  open source I am able to replace the windows default credential provider to my own credential provider but I am trying to add another authentication factor on it. Say, as the user gives the username and password the Pgina actually store this data temporally and eventually send it to secure32.dll to SAM database for authentication. What I want is to add another authentication factor before the first authentication gets completed or to add the 2nd-factor authentication in such a way that authentication after completing the two-factor authentication my shell activation starts.

    Apart from this, I am facing problem in debugging as I am not able to use custom logging technique such printf or file writing logs. So how to debug during the windows startup.   

    Kindly suggest me an idea to resolve my problem. 

    Thanks,

    Ravi Ranjan


    rrnjn145



    • Edited by RvRnjn Monday, April 24, 2017 6:17 AM
    Monday, April 24, 2017 6:11 AM

All replies

  • Hi,

    This is the forum which is mainly discuses Windows Home Server system relate question.

    >I am trying to build my own credential provider for windows.
    Your question is beyond the product/support scope on this forum. I have found Credential Providers relate articles on MSDN forum.

    Credential Providers in Windows 10:
    https://msdn.microsoft.com/en-us/library/windows/desktop/mt158211(v=vs.85).aspx

    Winlogon and Credential Providers:
    https://msdn.microsoft.com/en-us/library/windows/desktop/bb648647(v=vs.85).aspx

    For credential provider, developer, coding relate questions, I would recommend you to post on MSDN forum, where more in-depth investigation can be done so that you would get a more satisfying explanation:
    https://social.msdn.microsoft.com/Forums/en-US/home?forum=homeen0us

    Best Regards,
    Eve Wang

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, April 25, 2017 9:55 AM
  • Hi,

    How things are going there on this issue?

    Please let me know if you would like further assistance.

    Best Regards,
    Eve Wang

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, May 4, 2017 1:47 AM
  • Hi Wang,

    I have implemented the credential provider by implementing Icredentialprovider and Icredentialprovidercredential interface and thing are working fine as I am able to replace the default password provider with my own credential provider, Now I just want to implement second-factor Authentication in it.  Say, the username and password which I am giving is the first authentication.Now, after successful authentication of the first factor, what I  want is to have a second-factor authentication in it such that if this authentication fails then login to windows is still not successful.

    what I have done is when the username and password are authenticated in local SAM then its result is returned, in spite of returning the result value, I am just trying to pop a custom dialog in order to add some kind of authentication from server say OTP kind of things. The main problem is that I am not able to pop a dialog window in the modal state.

    Please tell me If I am correct in my approach or how to implement second-factor Authentication in the credential provider.Basically, I am trying to Implement the same the way Duo security's second-factor authentication works for RDP.  

    Thanks 

     


    rrnjn145




    • Edited by RvRnjn Tuesday, May 16, 2017 5:30 AM
    Monday, May 15, 2017 1:53 PM