Network Providers

A Windows NT system may be configured to support zero or more Network Providers. Each of these network providers may specify that it requires special interactive authentication processing. This capability allows installed networks to collect identification and authentication information specific to each network, but allows them to collect it during normal logon and under the secure umbrella of Winlogon's context and secure desktop.

Winlogon calls network providers under a number of cirumstances. Following a successful logon, Winlogon calls network providers so they can collect their credentials and authenticate the user. Network providers are called when users change their passwords. This allows each user to maintain a single password for use on all networks.

The WLX_NPR_NOTIFY_INFO structure, which provides this funcitonality, is included in a number of APIs and is optional. It includes:

UserName The account name of the logged-on user.
Domain The domain name of the logged-on user. Not all authentication models have a domain concept (or its equivalent), so this may be NULL.
Password If the user gave a cleartext password during authentication, providing it here allows other network providers to use the same password (to achieve single logon) without prompting the user.
OldPassword Following a password change, providing the original password here, as well as the new password in the Password field, allows network providers to upgrade their passwords without prompting the user.

If you choose not to provide this information to network providers, for security reasons or any other reason, this entire structure is optional. You can provide a NULL pointer, requiring network providers to prompt for all their information.