pGina core add property PreferLocalAuthentication

- #70 If a system is a domain member pgina will authenticate users by def. against the domain To invert this behavior an admin can set PreferLocalAuthentication (if .\username is not convenient). pGina will than authenicate against the local machine (a pGina authentication is always local) To authenticate against the domain a user than needs to pass the domainname, like domain\user or [email protected]
MutonUfoAI · Aug 25, 2017 · ee3858f · ee3858f
1 parent 9ec9009
commit ee3858f
Show file tree

Hide file tree

Showing 5 changed files with 65 additions and 33 deletions.
diff --git a/pGina/src/Abstractions/WindowsApi/pInvokes.cs b/pGina/src/Abstractions/WindowsApi/pInvokes.cs
@@ -1755,7 +1755,7 @@ public static string CreateUserProfileDir(IntPtr hToken, string username)
             }
             else
             {
-                LibraryLogging.Error("CreateProfile error:{0} {1}", hResult, LastError());
+                LibraryLogging.Error("CreateProfile error:{0} {1} {2}", hResult, LastError(), path.ToString());
             }
 
             return "";

diff --git a/pGina/src/Configuration/ConfigurationUI.Designer.cs b/pGina/src/Configuration/ConfigurationUI.Designer.cs
diff --git a/pGina/src/Configuration/ConfigurationUI.cs b/pGina/src/Configuration/ConfigurationUI.cs
@@ -307,6 +307,7 @@ private void LoadGeneralSettings()
 
             // Display last username in logon screen
             chk_lastusername.Checked = Settings.Get.LastUsernameEnable;
+            chk_preferlocalauthentication.Checked = Settings.Get.PreferLocalAuthentication;
 
             //ntp server
             //this.ntpservers = Settings.Get.GetGetSetting("ntpservers");
@@ -946,6 +947,7 @@ private bool SaveSettings()
 
             // Display last username in logon screen
             Settings.Get.LastUsernameEnable = chk_lastusername.Checked;
+            Settings.Get.PreferLocalAuthentication = chk_preferlocalauthentication.Checked;
 
             if (Abstractions.Windows.OsInfo.IsVistaOrLater())
                 this.SaveCpSettings();

diff --git a/pGina/src/Core/Settings.cs b/pGina/src/Core/Settings.cs
@@ -67,6 +67,7 @@ public static void Init()
             s_settings.SetDefault("ntpservers", new string[] { "" });
             s_settings.SetDefault("LastUsername", "");
             s_settings.SetDefault("LastUsernameEnable", false);
+            s_settings.SetDefault("PreferLocalAuthentication", false);
 
             s_settings.SetDefault("CredentialProviderFilters", new string[] { });
 

diff --git a/pGina/src/CredentialProvider/Credential.cpp b/pGina/src/CredentialProvider/Credential.cpp
@@ -269,6 +269,23 @@ namespace pGina
 			std::wstring title;
 			pGina::Memory::ObjectCleanupPool cleanup;
 
+			if (pGina::Registry::GetBool(L"PreferLocalAuthentication", false))
+			{
+				std::wstring dom = username;
+				size_t pos = dom.find(L"\\");
+				if (pos == std::wstring::npos)
+				{
+					pos = dom.find(L"@");
+					if (pos == std::wstring::npos)
+					{
+						pDEBUG(L"Credential::Connect: no \"\\\" or \"@\" found in username but PreferLocalAuthentication defined: change username to: \".\\%s\"", dom.c_str());
+						dom = L".\\";
+						dom.append(username);
+						username = _wcsdup(dom.c_str());
+					}
+				}
+			}
+
 			pGina::Protocol::LoginRequestMessage::LoginReason reason = pGina::Protocol::LoginRequestMessage::Login;
 			switch(m_usageScenario)
 			{
-Original file line number
+Diff line change
@@ Expand Up @@
                 }
                 else
                 {
-                    LibraryLogging.Error("CreateProfile error:{0} {1}", hResult, LastError());
+                    LibraryLogging.Error("CreateProfile error:{0} {1} {2}", hResult, LastError(), path.ToString());
                 }
                 return "";
@@ Expand Down @@