The logon process with Ranger installed

Article Number: 0000000053

Created On: 2007-07-30 11:16:12

Last Updated: 2008-11-20 16:14:48


Number of Views: 362

#

Question

How does Ranger start up and configure security and settings during login?



Symptoms

Ranger integrates with the standard Windows network login process to ensure it is compatible with all Windows networks and configurations.



Resolution

The login process can be summarised by the following steps:

  1. User enters their username and password into network logon dialog

  2. Server authenticates user

  3. Login script runs (if present and configured in the users account)

  4. The user's profile is copied from the server to local machine (if roaming profiles are enabled e.g. roaming profile path is set in the users account)

  5. System policies and Active directory policies are run (if installed and configured)

  6. Settings stored in the server's Config.pol or NTConfig.pol are merged into the registry.

  7. Windows would have normally started the explorer shell to give the user a desktop. Instead of the explorer shell being started a Ranger program (Rgruinit) runs to determine the user's Ranger group and then applies the Ranger security for the group.

  8. The Ranger splash screen is displayed

  9. Ranger verifies the local machine and network licence. This check ensures that the maximum number of licences are not exceeded and that the user has not exceeded their maximum concurrent logon limit. This check requires UNC access to the \\servername\ranger\ranger2.dll file

  10. The location of the server's Ranger directories and the user's Ranger group is determined by the Ranger Accounts Server (Ranger 4 onwards) or via the STARTUP folder shortcut (Version 1-3). Once the Ranger Accounts Servers returns with this information, the appropriate Ranger group security and monitoring threads are initiated.

  11. SecMon merges registry settings contained in the "PreShell9x.rrg" or "PreShellNT.rrg" files

  12. Registry settings contained in .rrg files in the Control directory are merged into the registry. These settings reflect the policies configured in Ranger Administrator -gt; Environment section. The values are merged in the following order:
    • "All Computer" settings
    • Specific "computer" settings
    • "All Users" settings
    • Specific "group" settings

  13. Rgruinit now starts the system shell (usually Explorer.exe). Users start to see desktop and normal Windows environment

  14. In Windows 9x, the "You have not logged onto this computer before" message is displayed, if roaming profiles are turned on and the user profile does not exist on the machine is automatically handled according to the setting in Ranger Administrator

  15. Programs defined as scheduled "on logon" jobs in the group's Ranger Administrator security settings run

  16. Programs in the HKEYLOCALMACHINESoftwareMicrosoftWindowsCurrentVersionRun key of the registry run

  17. Shortcuts in the user's STARTUP folder run



Instructions

N/A



Testing

N/A



See Ranger in Action

We are happy to provide a live demonstration of any of our products.

We can either visit you on-site, or set up a web demo which you can access remotely - whichever suits you best. Just click the link below and send us your details.

Send my details

Alternatively call: +44 (0)1403 754702