Winlogon and GINA
Winlogon, the GINA, and network providers are the parts of the interactive logon model. The interactive logon procedure is normally controlled by Winlogon, MSGina.dll, and network providers. To change the interactive logon procedure, MSGina.dll can be replaced with a customized GINA DLL.
To work with Winlogon, the GINA, and network providers, you should have a firm knowledge of the Windows security architecture, especially with regard to tokens, authentication packages, and related matters.
Note
GINA DLLs are ignored in Windows Vista.
For information about specific functions and structures, see Authentication Reference. This reference section includes descriptions of the functions that a GINA DLL must implement, the Winlogon support functions that the GINA DLL can call, and the data structures used to pass information between Winlogon and the GINA.
Sample GINA code can be found in the Platform Software Development Kit (SDK) Security samples. The samples contain C code for implementing a GINA stub and a GINA hook. For more information about custom GINA DLL development, send an email message to: ginareqs@microsoft.com.
For information about the authentication model supported by Windows and for details about the Local Security Authority (LSA) services and authentication package interfaces, see LSA Authentication.
For information about the aspects of the Local Security Authority that relate to the administration of security policy, which includes trust relationships with other computers and domains, assignment of privileges, audit generation control, system accessibility, and other similar topics, see LSA Policy.
For information about Winlogon and GINA, see the following topics.
| Topic | Description |
|---|---|
| Winlogon | Winlogon provides a set of support functions for the GINA DLL. |
| GINA | A GINA DLL provides customizable user identification and authentication procedures. |
| Terminal Services GINA Functions | When Terminal Services are enabled, the GINA must call Winlogon support functions to complete several tasks. |
| Interaction with Network Providers | You can configure a system to support zero or more network providers. |
| Responsibilities and Features | Each part of the interactive logon process has a set of responsibilities. |
| Interaction Between Winlogon and GINA | The state of Winlogon determines which GINA function is called to process any given secure attention sequence (SAS) event. |
| Winlogon Notification Packages | You can implement a notification package to monitor and respond to Winlogon events. |
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for