[Vpn-help] FW: Connection before domain login
Matthew Grooms
mgrooms at shrew.net
Sat Dec 12 14:52:50 CST 2009
gregmail at outtacyte.com wrote:
> Sounds like the perfect time to steal share from Cisco. The EasyVPN
> doesn't do it either.
>
> From what I gathered by reading from some Vista SDK documentation the
> Credential Provider acquires the credentials from the user @ Logon.
>
> From there, I gather that the credential provider could then establish
> the vpn connection (Mine is straight PSK) and then any XAuth would be
> the credential given by the user.
>
> This would allow the tunnel to be set up and then the CP could pass the
> credential to WinLogon finishing the logon.
>
> OK. I don't really need XAuth in my situation, just a tunnel. Would it
> be possible to have a service start when the system starts and set up
> the tunnel before the logon was even attempted?
>
> If that would be possible, then I can see pretty easily (I think) how
> the CP could then interact with the service to wake it up and have it do
> it's thing.
>
> humm...
>
> Since I know we can set up the tunnel using the command-line tool,
> couldn't I just wrap a service around that?
>
The Shrew Soft services should be running before login. However, the UI
is designed to pull configuration information from within the context of
a user login. In other words, the program configuration is stored in the
HK current user branch. Even if it were possible for the UI to interact
with you before you are logged in ( highly doubtful ), the registry keys
that contain the site configuration wouldn't be available.
-Matthew
More information about the vpn-help
mailing list