NPLogonNotify始终在帐户LocalSystem下调用??? [英] NPLogonNotify always called under account LocalSystem???
问题描述
在MSDN的凭据管理器"页面上,以及凭证管理API",它明确指出:凭证管理功能总是在系统上下文(LocalSystem)中而不是在用户上下文中调用."它所引用的凭据管理功能是NPLogonNotify和NPPasswordChangeNotify.
但是,我有一个案例,至少在Vista ***下,在[Terminal-Services]会话1中调用了NPLogonNotify函数,该上下文当然是用户的上下文,而不是LocalSystem的上下文! !!在这种情况下,我的凭据管理器DLL是通过mpnotify.exe加载的,通过该DLL可以公开所述功能.
为了公平起见...
1)我确实知道在Vista下有这样的情况,即在上下文LocalSystem下的会话0中调用了该函数.由于这是根据上面引用的文件,因此我没有记录这些案件的情况;更重要的是,它们发生在前一段时间-至少几个月.但是,上面引用的文档说,这些功能总是在本地LocalSystem上下文中调用的-正如我所看到的那样,这不是真的,我在此抱怨.
2)我无法谈论XP(或2000)下的这种虚假,因为它对我进行测试并不方便.此外,我对这些O.S.感兴趣,但对Vista的兴趣却没那么大.
那是什么故事?关于调用此功能和其他凭据管理功能-NPPasswordChangeNotify的会话和上下文选择的押韵和/或原因是什么?在什么情况下在本地LocalSystem(会话0)下调用这些函数?在用户上下文下,根据什么称呼它们?
在此先感谢您提供任何帮助.
NPLogonNotify和NPPasswordChangeNotify在本地系统" 帐户下调用(SID为"S-1- 5-18").
谢谢,
Sergey
On MSDN's pages for "Credential Manager" and "Credential Management API", it clearly states, "The credential management functions are always called in the system context (LocalSystem) rather than the user context." The credential management functions to which it refers are NPLogonNotify and NPPasswordChangeNotify.
Yet, I have a case whereby, *** at least under Vista ***, function NPLogonNotify is called in [Terminal-Services] session 1, whose context, of course, is that of a user, not LocalSystem!!! In this case, my credential-manager DLL, through which said function is exposed, is loaded by mpnotify.exe.
To be fair...
1) I do know that there have been cases, under Vista, whereby said function is called in session 0, under context LocalSystem. As that was in accordance with the documentation cited above, I did not record the circumstances of these cases; what's more, they happened some time ago -- at least a couple of months. The documentation cited above, however, says that those functions are ALWAYS called under context LocalSystem -- not true, as I have seen, and about which I'm complaining here.
2) I cannot speak about this falsity under XP (or 2000, for that matter), as it has not been convenient for me to do test. Furthermore, I'm interested in these O.S.', but less so than in Vista.
So, what's the story? What is the rhyme and/or reason for choice of session and context, regarding the calling of this function and the other credential-management function -- NPPasswordChangeNotify? Under what circumstances are these functions called under context LocalSystem (session 0)? Under which are they called under a user-context?
Thanks, in advance, for any help.
Erik,
It seems that you are confusing Windows Sessions and Accounts. On Vista NPLogonNotify and NPPasswordChangeNotify are called under "Local System" account (SID is "S-1-5-18").
Thanks,
Sergey
这篇关于NPLogonNotify始终在帐户LocalSystem下调用???的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
