Events
May 19, 6 PM - May 23, 12 AM
Calling all developers, creators, and AI innovators to join us in Seattle @Microsoft Build May 19-22.
Register todayInitializing Winlogon
When Winlogon initializes, it registers the CTRL+ALT+DEL secure attention sequence (SAS) with the system, and then creates three desktops within the WinSta0 window station.
Registering CTRL+ALT+DEL makes this initialization the first process, thus ensuring that no other application has hooked that key sequence.
WinSta0 is the name of the window station object that represents the physical screen, keyboard and mouse. Winlogon creates the following desktops in the WinSta0 object.
| Desktop | Description |
|---|---|
| Winlogon desktop | This is the desktop that Winlogon and GINA use for interactive identification and authentication, and other secure dialog boxes. Winlogon automatically switches to this desktop when it receives SAS event notification. |
| Application desktop | Each time a user successfully logs on, an application desktop is created for that logon session. The application desktop is also known as the default or user desktop. This desktop is where all user activity takes place. The application desktop is protected; only the system and the interactive logon session have access to it. Note that only a particular instance of the logged-on user has access to the desktop. If the interactive user activates a process using the service controller, that service application will not have access to the application desktop. |
| Screen saver desktop | This is the current desktop when a screen saver is running. If a user is logged on, both the system and the interactive logon session have access to the desktop. Otherwise, only the system has access to the desktop. |
As the owner of these desktops, Winlogon can switch the current, or visible, desktop to any of the three desktops and allow the GINA access to this functionality. In general, GINA developers will not change the current desktop because Winlogon sets the desktop appropriately before communicating with the GINA. The description of each GINA function indicates which desktop is current for that call.
| For information about | See |
|---|---|
| The different states in which Winlogon can run | Winlogon States |
| Time out operations | Supported Dialog Box Service Time-out Operations |
| Sending messages to GINA while a dialog box is displayed | Sending Messages to the GINA |
| Support functions | Winlogon Support Functions |
Additional resources
Training
Module
Explore authentication - Training
In this module, you will learn about the differences between authentication and authorization.
Documentation
-
Winlogon maintains the workstation state that is used by the GINA to determine what authentication actions are required.
-
Winlogon handles interface functions that are independent of authentication policy. It creates the desktops for the window station, implements time-out operations, and provides a set of support functions for the GINA.
-
Supported Dialog Box Service Time-out Operations - Win32 apps
Winlogon implements two time-out operations, one for secure dialog boxes and the other for screen saver activation and termination.