WlxLoggedOutSAS function
[The WlxLoggedOutSAS function is no longer available for use as of Windows Server 2008 and Windows Vista.]
The WlxLoggedOutSAS function must be implemented by a replacement GINA DLL. Winlogon calls this function when it receives a secure attention sequence (SAS) event while no user is logged on.
Syntax
int WlxLoggedOutSAS(
_In_ PVOID pWlxContext,
_In_ DWORD dwSasType,
_Out_ PLUID pAuthenticationId,
_Inout_ PSID pLogonSid,
_Out_ PDWORD pdwOptions,
_Out_ PHANDLE phToken,
_Out_ PWLX_MPR_NOTIFY_INFO pNprNotifyInfo,
_Out_ PVOID *pProfile
);
Parameters
- pWlxContext [in]
-
A pointer to the GINA context associated with this window station. The GINA returns this context value when Winlogon calls WlxInitialize for this station.
- dwSasType [in]
-
Specifies the type of SAS that occurred. Values from zero to WLX_SAS_TYPE_MAX_MSFT_VALUE are reserved to define standard Microsoft SAS types. GINA developers can define additional SAS types by using values greater than WLX_SAS_TYPE_MAX_MSFT_VALUE.
The following SAS types are predefined.
Value Meaning - WLX_SAS_TYPE_CTRL_ALT_DEL
Indicates that a user has typed the standard CTRL+ALT+DEL SAS.
- WLX_SAS_TYPE_SC_INSERT
Indicates that a smart card has been inserted into a compatible device.
- WLX_SAS_TYPE_SC_REMOVE
Indicates that a smart card has been removed from a compatible device.
- WLX_SAS_TYPE_TIMEOUT
Indicates that no user input was received within the specified time-out period.
- pAuthenticationId [out]
-
Specifies the authentication identifier associated with the current logon session. You can get this value by calling GetTokenInformation to obtain a TOKEN_STATISTICS structure for the token returned by the LogonUser function.
- pLogonSid [in, out]
-
On input, this parameter points to a security identifier (SID) that is unique to the current logon session. Winlogon uses this SID to change the protection on the window station and application desktop so that the new logged-on user can access them.
On output, Winlogon provides a SID. You can also get the SID by using the GetTokenInformation function to retrieve a TOKEN_GROUPS structure for the token returned by the LogonUser function. To do this, search the array returned in the TOKEN_GROUPS structure for the group with the SE_GROUP_LOGON_ID attribute.
- pdwOptions [out]
-
A pointer to a DWORD that contains the set of logon options. The following option is defined.
Value Meaning - WLX_LOGON_OPT_NO_PROFILE
Indicates that Winlogon must not load a profile for the logged-on user. Either the GINA DLL will take care of this activity, or the user does not need a profile.
- phToken [out]
-
A pointer to a handle variable. When the logon operation succeeds, set this handle to a token that represents the logged-on user. Use the LogonUser function to get this token, then, when the user logs off, Winlogon closes this handle and calls the WlxLogoff function.
If you need this handle after calling the WlxLogoff function, make a duplicate of the handle before returning it to Winlogon.
- pNprNotifyInfo [out]
-
A pointer to an WLX_MPR_NOTIFY_INFO structure that contains domain, user name, and password information for the user. Winlogon will use this information to provide identification and authentication information to network providers.
The GINA is not required to return password information. Any NULL fields within the structure will be ignored by Winlogon. Use LocalAlloc to allocate each string; Winlogon will free them when they are no longer needed.
The GINA should provide domain, user, and password values for complete Session Directory functionality. If the password is not provided, Session Directory will require the user to input the password twice before the user is connected to the server.
For information about protecting passwords, see Handling Passwords.
- pProfile [out]
-
On return from a successful authentication, the pProfile parameter points to either a WLX_PROFILE_V1_0 or a WLX_PROFILE_V2_0 structure. The first DWORD in the structure indicates which structure it is. Winlogon uses this structure to load the profile of the logged-on user, and frees the memory associated with the structure when it no longer needs it.
Return value
If the function fails, the function returns zero.
If the function succeeds, it returns one of the following values.
| Return code | Description |
|---|---|
|
Indicates a user has logged on. |
|
Indicates the logged attempt was unsuccessful or canceled. |
|
Indicates the user requested that the system be shut down. |
Remarks
Before calling WlxLoggedOutSAS, Winlogon sets the desktop state so that the current desktop is the Winlogon desktop and sets the workstation state so that the desktop is locked.
Do not activate the user shell program in WlxLoggedOutSAS. The user shell program should always be activated in WlxActivateUserShell.
Requirements
|
Minimum supported client |
Windows XP [desktop apps only] |
|---|---|
|
Minimum supported server |
Windows Server 2003 [desktop apps only] |
|
End of client support |
Windows XP |
|
End of server support |
Windows Server 2003 |
|
Header |
|
See also