GINA / Credential Provider based Self Service Password Management

Most organizations rely on password self service management tools to keep track of the password related chores of the user. However, on the flip side, most password self service solutions can be accessed only from a web browser. Therefore, the locked out users are coerced to reset their passwords from a colleague’s workstation or from a kiosk with a web browser. This defeats the whole purpose of self service password management. To get the better of such situations, ManageEngine ADSelfService Plus offers a comprehensive password self service management solution.

With the help of ADSelfService Plus GINA/CP logon agent, ADSelfService Plus enables users to reset password /unlock account from the log on screen of their Windows machines. This feature helps organizations to trim down costs associated with IT help desk calls. It also emancipates administrators from such trivial issues and helps them focus on more important tasks.

ManageEngine ADSelfService Plus renders the ADSelfService CP logon agent as a credential provider (CP) tile in machines running on Windows Vista and above (Windows 10 included).

Supported Operating Systems :

  • Windows 10
  • Windows 8.1
  • Windows 8
  • Windows 7
  • Windows Vista
  • Windows Server 2012
  • Windows Server 2008 r2
  • Windows Server 2008

ADSelfService Plus GINA logon agent takes the responsibility of displaying the Reset Password/ Unlock Account button in the logon screens of machines running on older versions of Windows. ADSelfService Plus GINA is basically an extension of the standard Microsoft GINA and has the same functionality as the ADSelfService Plus CP agent.

Supported Operating Systems :

  • Windows XP
  • Windows Server 2003 r2
  • Windows Server 2003

What is a Credential Provider?

Self service password Windows GINA/Credential Provider
Self service password Windows GINA/Credential Provider

Credential Providers are COM objects that are displayed when a Secure Attention Sequence event (pressing CTRL+ALT+DEL Key combination) is initiated. They procure information about the user’s credentials and pass them over to the Local Security Authority server for authentication. They were first introduced with Windows Vista and from then on had been an integral part of all Windows versions. Third party Credential Providers (ex: ADSelfService Plus CP agent) can also exist with the CPs that Microsoft provides.

What is MS GINA?

Self service password Windows GINA/Credential Provider

Graphical Identification and Authentication (GINA) is basically a dynamic linked library that is loaded by Winlogon, during the booting process. Technically speaking, it is the msgina.dll that initiates the "Press CTRL+ALT+DEL to logon" screen to be displayed and accept the username and password. More functionality can be added to MS GINA with the help of extensions. The GINA extensions are also dlls and can be installed on a computer in multiple numbers.

What is ADSelfService Plus GINA/CP logon agent ?

ADSelfService Plus GINA/CP logon agent is an integral component of ADSelfService Plus that enables the end users to access ADSelfService Plus from the logon screens of their Windows machines. It empowers the users to securely reset their passwords and unlock their accounts without helpdesk intervention or assistance from other users.

The ADSelfService Plus GINA/CP Advantage

The ADSelfService Plus GINA/CP logon agent restricts unauthorized users from accessing the application by securing/managing the identities of enrolled users. Click here to know more.

The ADSelfService Plus GINA/CP agent can be pushed to the client machines by simply installing the ADSelfService Plus Application from the server to the client machines. Click here to know more about the installation of ADSelfServiGINA/CP logon agent.

The Functionality and Usage of ADSelfService Plus GINA, will explain the working of the feature in detail.