Windows XP Welcome screen and Fast-User Switching
|
|
Biometric Logon Client is not yet compatible with Windows XP Welcome Screen and Fast-User Switching. Therefore, after the Biometric Logon Client installation, these options will be disabled and the standard Windows logon screen will be used whenever the user decides to log on using his/her username and password.
|
Windows XP Remote Desktops and Remote Logon
|
|
Biometric Logon Client is not yet compatible with Windows XP Remote Desktops or any other program that allows an user to log on a computer remotely. Therefore, if a user really needs to log on using such programs, he/she must be part of the "Default Logon" group.
|
Windows Terminal Services
|
|
Biometric Logon Client is not yet compatible with Windows Terminal Services. Therefore, if a user really needs to log on using it, he/she must be part of the "Default Logon" group.
|
Windows Internet Name Service
|
|
WINS must be enabled on the network. Because Biometric Logon Client needs to resolve the NETBIOS name of domains and domain controllers.
|
"Fast" and "Smart" Logon
Though these methods require no password for user logon, the Windows operating system still uses passwords as credentials to log on the user, thus Biometric Logon Client needs a user password to submit for user authentication. For increased security, this password is random.
For domain logon, such random password is generated by the Biometric Logon Server service and the user password is reset in the Domain Controller, not being carried over the network. Yet, this random password is not stored anywhere but by the Domain Controller.
 |
| The random password is generated every time a successful logon occurs. |
|
For local machine logon, the password is generated by the Biometric Logon Client. On the first logon the user password is reset. On the second logon and on, the password is changed every time. To keep important and sensitive information secure, after a user password is reset some types of information stored by Windows in the local machine are no longer accessible. Biometric Logon Client stores the random password of local user accounts in encrypted format.
|
For convenience sake, the user logon name used by Biometric Logon Client and Biometric Logon Server is the "Sam Account Name", the logon name supported for operating systems before Windows 2000. Such name is valid for all logon methods, even the "Default" one.
|
|
Users not added to "Fast", "Smart" or "Strong" logon groups will log on to using the standard Windows username/password logon method.
|
Cached Credentials
|
|
Biometric Logon Client also supports cached credentials for all logon methods. The credentials of the last five users who logged on the domain are stored in the computer in encrypted format. If no Domain Controller is available or if the Biometric Logon Server service is down, Biometric Logon Client will try to log on the user using the cached credentials. If the user doesn't have his/her credentials stored in the computer, an error message will be shown.
|
Even with the cached credentials support there's no warranty that the user will log on successfully, because the Domain Controller controls the expiration of a credential, and Biometric Logon Client isn't aware of it.
Support
|
|
The unregistered copies of Biometric Logon Client are provided "as is", with no warranty or support, although questions and comments can be posted on our web-based forum:www.griaulebiometrics.com/page/forum. Bugs can be reported in our forum too.
|
Registered versions feature e-mail support. Please use our contact form with the following information in hands:
- Your Griaule customer username;
- Operating system used;
- Fingerprint reader used;
- Detailed description of problem, with error message and any other information that might be relevant.
