beautypg.com

2 automated windows guest logons, Automated windows guest logons – Sun Microsystems VIRTUALBOX VERSION 3.1.0_BETA2 User Manual

Page 137

background image

9 Advanced topics

9.2 Automated Windows guest logons

When Windows is running in a virtual machine, it might be desirable to perform co-
ordinated and automated logons of guest operating systems using credentials from a
master logon system. (With “credentials”, we are referring to logon information con-
sisting of user name, password and domain name, where each value might be empty.)

Since Windows NT, Windows has provided a modular system logon subsystem

(“Winlogon”) which can be customized and extended by means of so-called GINA
modules (Graphical Identification and Authentication). With Windows Vista, the GINA
modules were replaced with a new mechanism called “credential providers”. The
VirtualBox Guest Additions for Windows come with both, a GINA and a credential
provider module, and therefore enable any Windows guest to perform automated lo-
gons.

To activate the VirtualBox GINA or credential provider module, install the Guest

Additions using the command line switch /with_autologon.

To manually install the GINA module, extract the Guest Additions (see chapter

4.3.4

,

Manual file extraction

, page

64

) and copy the file VBoxGINA.dll to the Windows

SYSTEM32

directory. Then, in the registry, create the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\

Winlogon\GinaDLL

with a value of VBoxGINA.dll.

Note: The VirtualBox GINA is implemented as a wrapper around the standard
Windows GINA (MSGINA.DLL) so it will most likely not work correctly with
3rd party GINA modules.

To set credentials, use the following command on a running VM:

VBoxManage controlvm "Windows XP"

setcredentials "John Doe" "secretpassword" "DOMTEST"

While the VM is running, the credentials can be queried by the VirtualBox logon

modules (GINA or credential provider) using the VirtualBox Guest Additions device
driver. When Windows is in “logged out” mode, the logon modules will constantly poll
for credentials and if they are present, a logon will be attempted. After retrieving the
credentials, the logon modules will erase them so that the above command will have
to be repeated for subsequent logons.

For security reasons, credentials are not stored in any persistent manner and will be

lost when the VM is reset. Also, the credentials are “write-only”, i.e. there is no way to
retrieve the credentials from the host side. Credentials can be reset from the host side
by setting empty values.

Depending on the particular variant of the Windows guest, the following restrictions

apply:

137

See also other documents in the category Sun Microsystems Hardware: