When you use
DiskLogon, you should take note of the following:
Log on
to Windows 2000 Terminal Server
Windows
2000 cannot support SeRemoteInteractiveLogonRight,
SeDenyRemoteInteractiveLogonRight and
SeRemoteShutdownPrivilege privileges. Hence, DiskLogon
is unable to determine if the user can logon to or shut
down a computer from a remote computer.
If a user
wishes to log on to Windows 2000 Terminal Server, he can
do so if his password is accurate and he has a
SeInteractiveLogonRight privilege.
If a user
wants to shut down Windows 2000 Terminal Server, he can
do so if he has the SeShutdownPrivilege privilege.
For
Windows XP/2003 users,
If you are
unable to logon to your computer or the Terminal Server,
please make sure that your account has the following
privileges: SeInteractiveLogonRight,
SeRemoteInteractiveLogonRight.
If you are
unable to shut down your computer or the Terminal
Server, please make sure that your account has the
following privileges: SeShutdownPrivilege,
SeRemoteShutdownPrivilege.
Waiting too long for the “Shut down Windows” dialog box
to open
When the
user presses the "Del+ATL+DEL" and clicks the
"Shutdown…" button, he has to wait for probably more
than ten seconds before the “Shut Down Windows” dialog
box appears.
If your
computer joins the Domain and you want to shut down your
computer, DiskLogon will search your Domain Server if
the currently logged on user has the following
privileges: SeShutdownPrivilege,
SeRemoteShutdownPrivilege. If your computer is unable to
connect to the Domain Server, this might cause you to
wait for a long time and find that you cannot shut down
your computer.
This can
prevent the Terminal Server from being closed
accidentally by the user from a remote computer.
Unable
to send the memory card’s password to the Terminal
Server
If you
wish to send your memory card’s password to the Terminal
Server, you must open the Client’s Disk Redirection
function.
If you
wish to send your memory card’s password to the Terminal
Web Server, you must add the following script code to
the terminal server webpage: (You can consult the
DiskLogon Terminal Server webpage)
Windows XP Terminal Services user unable to unlock
computer
Windows
System gives every logging on user a distinctive
session. Different sessions cannot share each other’s
files/resources, thus it can guarantee that the
information of different users in the same computer will
not be accessed by other users.
Windows XP
Terminal Server allows two different remote users to
have the same session. As long as they use the same
account name and password to log on. This will allow a
currently user to access a previous user’s information,
or a previous user to execute an malicious application
to access all the information of the currently logged on
user.
In order
to prevent you from getting the password information in
others’ memory cards and others from getting the
password information from your memory card, DiskLogon
will investigate whether the session’s owner is
accurate. If the DiskLogon determines the session owner
is not the currently logged on user, DiskLogon will not
send the password to Windows XP Terminal Server. This
will probably cause the currently logged on user to be
unable to use his memory card to unlock the terminal
server. When this situation occurs, you must first
disconnect (no need to log out), then log on to unlock
computer.
This
method can guarantee that your memory card password will
not be known to other remote users, but may cause you to
be unable to unlock your computer.
Deny
user to be able to enter password during logging on to
Terminal Server
Terminal
Server’s password can be entered arbitrarily. You can
enter up to exponentials of passwords to get the
accurate one.
You may
decide whether you will allow a remote user to enter
their password to log on to the Terminal Server. If you
want to restrict a user in entering his password to log
on to the Terminal Server, you only need to disable
”Allow users to enter their password to log on to this
computer”. This can guarantee that remote users cannot
use the following methods to enter his password and log
on to Terminal Server:
Setting the default password on the ”Remote Desktop
Connection” application.
Entering his password on the "Log on to Windows"
dialog box.
Regarding additional encryption algorithm
When you
are saving your password, you will notice the additional
encryption algorithm selection. This algorithm can
guarantee that other computers cannot open your password
file. Hence, if you select this while saving your
password, you can decrease the probability of other uses
not being able to break your password.
DiskLogon
will establish an unique KEY in every computer, and the
KEY in every computer are different. You can use this
KEY to encrypt your user account and password. If you
use this KEY to encrypt your account and password, then
you must also use this KEY to decrypt your password. If
other computers are unable to have the same KEY, then
you cannot decrypt your account or password. If you lose
your memory card, you need not worry that your password
can be opened through other computers.
For
Terminal Services users, if their office computer
passwords are stored in the home computer’s memory card
and this selection is enabled, their home computer
cannot break their office computer passwords.
Changing your password
If you
want to change your password, you must use DiskLogon to
change it.
DiskLogon
provides two methods to change your password:
Use
DiskLogon GINA to change password
If you want to use DiskLogon GINA to change your
password, you can first press "CTRL+ATL+DEL" and
then click "Change Password…" button.
Use
"DiskLogon Options" program to change your password
If you want to use "DiskLogon Options" program to
change your password, you must first open DiskLogon
Options program, then click "Password" to change it.
Please do
not use other programs to change or reset your password.
If you use other programs to change your password, you
must use "DiskLogon Options" program to save your new
password in the memory card.
Do not use
other programs to reset your password. Resetting your
password is very wrong and will likely cause your
documents to be unusable forever. If you want to change
your password, make sure if the password tools you are
using may reset your password. Some password programs
may reset your password when the password is unable to
be changed.
