General discussion

Locked

NT Workstation Security Issue..Need Help

By mshossain ·
My project, windows AT Scheduler will run a job at a specified time while the NT Workstation is "locked" by local user or admin.

Purpose:
1. Windows AT scheduler will run the first program on time.
2. First program then start the second program and put ID and Password at the login box of second.

The problem I am facing with the "Locked" condition:
3. The first is not able to put the Id and Password at the login box of the second.
4. As a result second does not get started.

Exception:
5.But If the Workstaion is "unlocked" everything works just fine.

Question:
1.Why is it doing like that?
2.Is it because of security issue with NT Server 4.0?
3.Can any one give me any suggestion?

This conversation is currently closed to new comments.

1 total post (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by gshollingsworth In reply to NT Workstation Security I ...

I am not exactly sure what method you are using to put ID and Password into second program, but I will guess some sort of keyboard input emulator.
Answers:
1, 2, & 3. When NT Workstation is locked the keyboard input is limited to pressing <ctrl>-<alt>-<del>, then supplying the password of the current user, or then supplying the ID and password (and domain if needed) of an administrator. No other keyboard input is valid when NT is locked. Placing an ID and password into a scripted operation isnot a very good idea unless the scripting interpreter allows for encryption of the ID and password. I suggest abandoning this method, for a more secure solution. To make this method work, you would have to test for a locked condition and provide theproper keystroke sequence to unlock. This would mean embedding another password into the scripting, making things even less secure. At that point you may as well assign blank passwords to all accounts and disable locking the workstation, it would simplify your project and be as secure as a Corvette in a parking lot running with it's door wide open. Don't do this if you want to keep the Corvette or protect your information. Usually this type of project is performed by running an application as asystem service, but the application must support this and should have it's own scheduler.

Back to Security Forum
1 total post (Page 1 of 1)  

Related Discussions

Related Forums