When you use DiskLogon, you should take note of the
following:
Windows 2000 cannot support SeRemoteInteractiveLogonRight,
SeDenyRemoteInteractiveLogonRight and
SeRemoteShutdownPrivilege privileges. Hence, DiskLogon is
unable to determine if the user can logon to or shut down a
computer from a remote computer.
If a user wishes to log on to Windows 2000 Terminal
Server, he can do so if his password is accurate and he has
a SeInteractiveLogonRight privilege.
If a user wants to shut down Windows 2000 Terminal
Server, he can do so if he has the SeShutdownPrivilege
privilege.
For Windows XP/2003 users,
If you are unable to logon to your computer or the
Terminal Server, please make sure that your account has the
following privileges: SeInteractiveLogonRight,
SeRemoteInteractiveLogonRight.
If you are unable to shut down your computer or the
Terminal Server, please make sure that your account has the
following privileges: SeShutdownPrivilege,
SeRemoteShutdownPrivilege.
When the user presses the "Del+ATL+DEL" and clicks the
"Shutdown…" button, he has to wait for probably more than
ten seconds before the “Shut Down Windows” dialog box
appears.
If your computer joins the Domain and you want to
shut down your computer, DiskLogon will search your Domain
Server if the currently logged on user has the following
privileges: SeShutdownPrivilege, SeRemoteShutdownPrivilege.
If your computer is unable to connect to the Domain Server,
this might cause you to wait for a long time and find that
you cannot shut down your computer.
This can prevent the Terminal Server from being closed
accidentally by the user from a remote computer.
If you wish to send your memory card’s password to the
Terminal Server, you must open the Client’s Disk Redirection
function.
If you wish to send your memory card’s password to the
Terminal Web Server, you must add the following script code
to the terminal server webpage: (You can consult the
DiskLogon Terminal
Server webpage)
Windows System will give every logging on user a
distinctive session. Different sessions cannot enjoy each
other’s files/resources, thus it can guarantee that the
information of different users in the same computer will not
be accessed by other users.
Windows XP Terminal Server allows two different remote
users to have the same session. As long as they use the same
account name and password to log on. This will allow a
currently user to access a previous user’s information, or a
previous user to execute an malicious application to access
all the information of the currently logged on user.
In order to prevent you from getting the password
information in others’ memory cards and others from getting
the password information from your memory card, DiskLogon
will investigate whether the session’s owner is accurate. If
the DiskLogon determines the session owner is not the
currently logged on user, DiskLogon will not send the
password to Windows XP Terminal Server. This will probably
cause the currently logged on user to be unable to use his
memory card to unlock the terminal server. When this
situation occurs, you must first disconnect (no need to log
out), then log on to unlock computer.
This method can guarantee that your memory card password
will not be known to other remote users, but may cause you
to be unable to unlock your computer.
Terminal Server’s password can be entered arbitrarily.
You can enter up to exponentials of passwords to get the
accurate one.
You may decide whether you will allow a remote user to
enter their password to log on to the Terminal Server. If
you want to restrict a user in entering his password to log
on to the Terminal Server, you only need to disable ”Allow
users to enter their password to log on to this computer”.
This can guarantee that remote users cannot use the
following methods to enter his password and log on to
Terminal Server:
Setting the default password on the ”Remote Desktop
Connection” application.
Entering his password on the "Log on to Windows"
dialog box.
When you are saving your password, you will notice the
additional encryption algorithm selection. This algorithm
can guarantee that other computers cannot open your password
file. Hence, if you select this while saving your password,
you can decrease the probability of other uses not being
able to break your password.
DiskLogon will establish an unique KEY in every computer,
and the KEY in every computer are different. You can use
this KEY to encrypt your user account and password. If you
use this KEY to encrypt your account and password, then you
must also use this KEY to decrypt your password. If other
computers are unable to have the same KEY, then you cannot
decrypt your account or password. If you lose your memory
card, you need not worry that your password can be opened
through other computers.
For Terminal Services users, if their office computer
passwords are stored in the home computer’s memory card and
this selection is enabled, their home computer cannot break
their office computer passwords.
If you want to change your password, you must use
DiskLogon to change it.
DiskLogon provides two methods to change your password:
- Use DiskLogon GINA to change password
If you want to use DiskLogon GINA to change your
password, you can first press "CTRL+ATL+DEL" and then
click "Change Password…" button.
- Use "DiskLogon Options" program to change your
password
If you want to use "DiskLogon Options" program to change
your password, you must first open DiskLogon Options
program, then click "Password" to change it.
Please do not use other programs to change or reset your
password. If you use other programs to change your password,
you must use "DiskLogon Options" program to save your new
password in the memory card.
Do not use other programs to reset your password.
Resetting your password is very wrong and will likely cause
your documents to be unusable forever. If you want to change
your password, make sure if the password tools you are using
may reset your password. Some password programs may reset
your password when the password is unable to be changed.
|
